1. Put the API access control checks in the frontend service to the access control service; 2. Use casbin as the access control engine; 3. Remove the mesapy-based access control engine as mesapy is no longer maintained.
## Description Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. Fixes #700 ## Type of change (select or add applied and delete the others) - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [X] Breaking change (fix or feature that would cause existing functionality to not work as expected) - [ ] API change with a documentation update - [X] Additional test coverage - [ ] Code cleanup or just sync with upstream third-party crates ## How has this been tested? ## Checklist - [ ] Fork the repo and create your branch from `master`. - [ ] If you've added code that should be tested, add tests. - [ ] If you've changed APIs, update the documentation. - [ ] Ensure the tests pass (see CI results). - [ ] Make sure your code lints/format. You can view, comment on, or merge this pull request online at: https://github.com/apache/incubator-teaclave/pull/704 -- Commit Summary -- * Enable access control service -- File Changes -- M .github/workflows/doc.yml (4) M .github/workflows/ubuntu2004-test.yml (17) M CMakeLists.txt (40) M LICENSE (1) M cmake/scripts/sgx_link_sign.sh (2) M cmake/scripts/test.sh (34) M cmake/tomls/Cargo.sgx_trusted_lib.lock (545) M cmake/tomls/Cargo.sgx_trusted_lib.toml (2) M cmake/tomls/Cargo.sgx_untrusted_app.lock (413) M cmake/tomls/Cargo.unix_app.lock (448) M config/build.config.toml (14) M docs/service-internals.md (4) M examples/rust/builtin_ordered_set_intersect/src/main.rs (27) M services/access_control/enclave/Cargo.toml (2) M services/access_control/enclave/src/acs.rs (410) M services/access_control/enclave/src/lib.rs (20) M services/access_control/enclave/src/service.rs (287) M services/access_control/model.conf (34) A services/access_control/policy.csv (28) D services/access_control/python/acs_engine.py (648) D services/access_control/python/acs_engine_test.py (100) D services/access_control/python/acs_py_enclave.c (3191) D services/access_control/python/ffi.py (33) M services/frontend/enclave/src/lib.rs (43) M services/frontend/enclave/src/service.rs (277) M services/proto/src/proto/teaclave_access_control_service.proto (42) M services/proto/src/teaclave_access_control_service.rs (51) M services/utils/service_enclave_utils/src/lib.rs (4) M tests/functional/enclave/src/access_control_service.rs (140) M tests/functional/enclave/src/end_to_end/mod.rs (2) M third_party/rust-sgx-sdk (2) -- Patch Links -- https://github.com/apache/incubator-teaclave/pull/704.patch https://github.com/apache/incubator-teaclave/pull/704.diff -- Reply to this email directly or view it on GitHub: https://github.com/apache/incubator-teaclave/pull/704 You are receiving this because you are subscribed to this thread. Message ID: <apache/incubator-teaclave/pull/7...@github.com>
