Skip to content

Allow reused MFA for specific admin action endpoints#36830

Merged
Joerger merged 4 commits intomasterfrom
joerger/admin-actions-allow-reuse
Jan 22, 2024
Merged

Allow reused MFA for specific admin action endpoints#36830
Joerger merged 4 commits intomasterfrom
joerger/admin-actions-allow-reuse

Conversation

@Joerger
Copy link
Copy Markdown
Contributor

@Joerger Joerger commented Jan 17, 2024

Part of the implementation for #35185

Follow up PRs: Use reused MFA for...

  • Adding users
  • Inviting cloud users
  • Bulk tctl create actions
  • Updating a saml idp service provider with tctl

Based off #36782

@github-actions github-actions Bot requested review from mdwn and zmb3 January 17, 2024 20:30
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Jan 17, 2024

The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with changelog: followed by the changelog entries for the PR.

@Joerger Joerger added no-changelog Indicates that a PR does not require a changelog entry backport/branch/v15 labels Jan 17, 2024
@Joerger Joerger mentioned this pull request Jan 17, 2024
Closed
@Joerger Joerger force-pushed the joerger/scoped-webauthn-server-changes branch from 3cedcff to e1f8d74 Compare January 17, 2024 21:37
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch from 5ebc037 to 0253bf1 Compare January 17, 2024 21:39
@Joerger Joerger force-pushed the joerger/scoped-webauthn-server-changes branch 2 times, most recently from 2358283 to 08217e1 Compare January 18, 2024 19:27
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch from 0253bf1 to bfdf2d4 Compare January 18, 2024 19:27
@Joerger Joerger requested a review from rosstimothy January 18, 2024 19:27
rosstimothy
rosstimothy reviewed Jan 18, 2024
View reviewed changes
Copy link
Copy Markdown
Contributor

@rosstimothy rosstimothy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like this might have broken a few existing tests

@Joerger Joerger force-pushed the joerger/scoped-webauthn-server-changes branch from 08217e1 to 3cb9d1f Compare January 18, 2024 20:44
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch 2 times, most recently from 21a9145 to ad770eb Compare January 18, 2024 21:26
rosstimothy
rosstimothy approved these changes Jan 18, 2024
View reviewed changes
Comment thread lib/authz/permissions.go Outdated
@public-teleport-github-review-bot public-teleport-github-review-bot Bot removed the request for review from zmb3 January 18, 2024 22:13
@Joerger Joerger force-pushed the joerger/scoped-webauthn-server-changes branch from a651395 to 96d7b0a Compare January 19, 2024 19:54
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch from 5798593 to 114e0e7 Compare January 19, 2024 19:55
@Joerger Joerger mentioned this pull request Jan 19, 2024
Merged
@Joerger Joerger force-pushed the joerger/scoped-webauthn-server-changes branch from 96d7b0a to d7b053f Compare January 20, 2024 01:01
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch from 114e0e7 to cf9c4d6 Compare January 21, 2024 21:28
Base automatically changed from joerger/scoped-webauthn-server-changes to master January 22, 2024 19:11
@Joerger Joerger force-pushed the joerger/admin-actions-allow-reuse branch from ff193b0 to 12165a1 Compare January 22, 2024 19:19
@Joerger Joerger enabled auto-merge January 22, 2024 19:36
@Joerger Joerger added this pull request to the merge queue Jan 22, 2024
Merged via the queue into master with commit 7f5e233 Jan 22, 2024
@Joerger Joerger deleted the joerger/admin-actions-allow-reuse branch January 22, 2024 20:22
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Jan 22, 2024

@Joerger See the table below for backport results.

Branch Result
branch/v15 Failed

@Joerger Joerger mentioned this pull request Jan 23, 2024
Merged
Joerger added a commit that referenced this pull request Jan 23, 2024
@Joerger
Allow reused MFA for specific admin action endpoints (#36830)
7bd11e6 
* Allow reused MFA for specific admin action endpoints.

* Add godoc.

* Fix IsMFARequire_AdminAction and add test.
github-merge-queue Bot pushed a commit that referenced this pull request Jan 24, 2024
@Joerger
Allow reused MFA for specific admin action endpoints (#36830) (#37065)
df3e711 
* Allow reused MFA for specific admin action endpoints.

* Add godoc.

* Fix IsMFARequire_AdminAction and add test.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@rosstimothy rosstimothy rosstimothy approved these changes

+1 more reviewer

@mdwn mdwn mdwn approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

no-changelog Indicates that a PR does not require a changelog entry size/md

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@Joerger @mdwn @rosstimothy