Add credential checks This change adds authentication/credential checks to sensitive API methods, depending on the access level granted to the authenticated user. It also adds the logic to save the authenticated user to the audit log entries. Note: the protobuf definitions were updated in a backwards-incompatible way (KillSwitchAuthorizedUser.AccessLevel enum). This can be done since this product hasn't yet launched. Fixed: twpowertools:46 Change-Id: I9bf888d6108f463369143610d4bd5b256035b68f

commit: c147b6aac8960a5240803c3d2efd81ab17a5ef41 [log] [tgz]
author: Adrià Vilanova Martínez <me@avm99963.com> Wed Sep 01 17:25:38 2021 +0200
committer: Adrià Vilanova Martínez <me@avm99963.com> Thu Sep 02 13:52:57 2021 +0200
tree: 2a6c47a1857fcd1a744170b8c64e042d405aaa2b
parent: 25e1211395cfecfbccad20f91fa03b9cd715b008 [diff] [blame]
diff --git a/api_proto/kill_switch_objects.proto b/api_proto/kill_switch_objects.proto
index 11c2c16..041291f 100644
--- a/api_proto/kill_switch_objects.proto
+++ b/api_proto/kill_switch_objects.proto

@@ -32,8 +32,8 @@
   string email = 3;
   enum AccessLevel {
     ACCESS_LEVEL_NONE = 0;
-    ACCESS_LEVEL_ACTIVATOR = 1; // The user may enable/disable kill switches.
-    ACCESS_LEVEL_ADMIN = 2; // The user may perform any action.
+    ACCESS_LEVEL_ACTIVATOR = 5; // The user may enable/disable kill switches.
+    ACCESS_LEVEL_ADMIN = 10; // The user may perform any action.
   }
   AccessLevel access_level = 4;
 }
commit	c147b6aac8960a5240803c3d2efd81ab17a5ef41	[log] [tgz]
author	Adrià Vilanova Martínez <me@avm99963.com>	Wed Sep 01 17:25:38 2021 +0200
committer	Adrià Vilanova Martínez <me@avm99963.com>	Thu Sep 02 13:52:57 2021 +0200
tree	2a6c47a1857fcd1a744170b8c64e042d405aaa2b
parent	25e1211395cfecfbccad20f91fa03b9cd715b008 [diff] [blame]