v3.0.0-alpha.4

[LeChatP]

Pull Request for version 3.0.0-alpha.4

Description

This pull request introduces breaking changes to the RootAsRole project.

Changes

Abandonment of XML in favour of JSON

• The project now embraces JSON for configuration management, offering improved flexibility.
• After careful consideration among JSON, YAML, or KDL, JSON emerged as the preferred choice.
  1. chsr is simple enough to avoid direct file manipulation
  2. JSON is the industry's most used and interoperable.
  3. Discouraging text editing because rootasrole.json should be immutable, as using chattr is annoying
  4. Other formats allow comments. These would be deleted each time using chsr tool

Adding new configuration file for storage configuration

As RootAsRole implements the RBAC model, it would be interesting to plan the database integration, such as LDAP for user assignment and SQLite/PostgreSQL/MySQL for role and task definitions.

Rewrite of chsr tool

• The chsr tool has undergone a complete rewrite, eliminating the Text User Interface (TUI).
• Concerns regarding usability inefficiency drove the decision to move away from TUI.
• The new Command-Line Interface (CLI) offers enhanced usability and efficiency in managing roles.
  • Inspired by tools like ip or nftables, the new CLI syntax is intuitive and user-friendly.
  • We developed a grammar pest to enable syntax management like these tools, as clap-rs couldn't suffice.
• Closing RHEL: chsr not working correctly #41

Plugin-based features

RBAC-0 features are now core program features, with the implementation of hierarchical roles moved to an 'API'. This facilitates the addition of new features for the separation of duties.

Other new features

• The sr command now operates in a pty, mitigating tty hijacking risks.
• Enhanced options include:
  • Multiple environment variable management policies for flexibility in handling environment variables.
  • Inheritable option management allows administrators to define general and specific options with inheritance control.
  • Timeout is now an option per-task, providing granular control over task execution.
• Fixes RHEL: capable not working #40

Impact

• Users must migrate their existing XML configuration files to the new JSON format.
• The command-line interface of the chsr tool will require users to adjust their workflow.

Testing

• Unit tests have been updated to validate the behavior of the project with JSON configuration files.
• Integration tests have been performed to verify the functionality of the chsr tool's new command-line interface.
• Some new unit tests added.

Note

This is still an alpha; many features may not be completely tested.

TODO

• Documentation

[codecov]

Codecov Report

Attention: Patch coverage is 13.59060% with 1030 lines in your changes are missing coverage. Please review.

Project coverage is 41.80%. Comparing base (39a7921) to head (8be3959).

Files	Patch %	Lines
src/chsr/cli.rs	13.10%	829 Missing ⚠️
src/config.rs	0.00%	99 Missing ⚠️
src/api.rs	30.57%	84 Missing ⚠️
src/chsr/main.rs	0.00%	18 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main      #42      +/-   ##
==========================================
+ Coverage   40.97%   41.80%   +0.83%     
==========================================
  Files          23       19       -4     
  Lines        6170     4313    -1857     
==========================================
- Hits         2528     1803     -725     
+ Misses       3642     2510    -1132     

Flag	Coverage Δ
unittests	41.80% <13.59%> (+0.83%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.