Skip to content

Add dynamic permissions example #739

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
colmenero merged 13 commits into from
Jul 1, 2025
Merged

Add dynamic permissions example #739

colmenero merged 13 commits into from
Jul 1, 2025

Conversation

@colmenero
Copy link
Contributor

@colmenero colmenero commented Jun 10, 2025
edited
Loading

Summary

Add an example that showcases dynamic permissions. This example is based on the one that codegen generates, with small modifications. First, the QoS configures security. Then, the publisher examples updates a QoS property (the Permissions Docuemnt) after some samples.

Details and comments

This PR also:

  • Includes a CMake script to be able to generate a Permissions Document that expires in 1 minute.
  • Modifies ConnextDdsGenerateSecurityArtifacts.cmake to work with OpenSSL 3. The new version requires configuring the CA certificate as a CA (CA_EXTENSION v3_ca).
  • Add the enable_key_revision to the general Governance Document.

Checks

  • I have updated the documentation accordingly.
  • I have read the CONTRIBUTING document.
  • I have added a new C/C++ example and updated examples/connext_dds/CMakeList.txt accordingly.

This comment was marked as outdated.

Sign in to view

@colmenero colmenero marked this pull request as ready for review June 10, 2025 10:58
luisrg-rti
luisrg-rti reviewed Jun 16, 2025
View reviewed changes
@colmenero colmenero requested review from Copilot and luisrg-rti June 24, 2025 10:16
Copilot AI reviewed Jun 24, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a dynamic permissions example that demonstrates how to update a Permissions Document after it expires, modifying both security configuration files and build scripts. Key changes include:

  • Updating the Governance XML schema and adding key revision support.
  • Modifying CMake modules to work with OpenSSL 3, including certificate configuration changes.
  • Adding a new C++11 dynamic permissions example (publisher and subscriber) along with supporting IDL and application files.

Reviewed Changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file
File Description
resources/security/xml/Governance.xml Updates schema version and enables key revision.
resources/cmake/Modules/ConnextDdsGenerateSecurityArtifacts.cmake Adjusts file path usage and adds CA_EXTENSION configuration.
examples/connext_secure/dynamic_permissions/c++11/modify_permissions.cmake Introduces a script to update the permissions file timestamp.
examples/connext_secure/dynamic_permissions/c++11/dynamic_permissions_subscriber.cxx Implements a subscriber for the dynamic permissions example.
examples/connext_secure/dynamic_permissions/c++11/dynamic_permissions_publisher.cxx Implements a publisher that updates its Permissions Document after a set sample count.
examples/connext_secure/dynamic_permissions/c++11/dynamic_permissions.idl Defines the DynamicPermissions structure.
examples/connext_secure/dynamic_permissions/c++11/application.hpp, application.h Provide application helper functions and argument parsing for the examples.
examples/connext_secure/dynamic_permissions/c++11/USER_QOS_PROFILES.xml Configures QoS profiles for the dynamic permissions example.
examples/connext_secure/dynamic_permissions/c++11/CMakeLists.txt Defines build rules for the dynamic permissions example.
examples/connext_secure/dynamic_permissions/README.md Documents the example usage and builds instructions.
examples/connext_secure/CMakeLists.txt Integrates the new dynamic permissions example into the secure examples set.
Comments suppressed due to low confidence (1)

examples/connext_secure/dynamic_permissions/README.md:48

  • The subscriber command in the README appears to have a typo ('sh.' prefix). It should probably be updated to simply './dynamic_permissions_subscriber' to avoid confusion.
sh./dynamic_permissions_subscriber

luisrg-rti
luisrg-rti previously approved these changes Jun 24, 2025
View reviewed changes
krd-rti
krd-rti previously approved these changes Jun 24, 2025
View reviewed changes
@colmenero @krd-rti
update schema version of the Governance
0a945c1 
The file doesn't exist yet, but it should exist once the release is out.

Co-authored-by: krd-rti <[email protected]>
@colmenero colmenero dismissed stale reviews from krd-rti and luisrg-rti via 0a945c1 June 25, 2025 17:47
luisrg-rti
luisrg-rti previously approved these changes Jul 1, 2025
View reviewed changes
krd-rti
krd-rti approved these changes Jul 1, 2025
View reviewed changes
@colmenero colmenero merged commit 185c229 into rticommunity:master Jul 1, 2025
0 of 2 checks passed
@colmenero colmenero deleted the feature/dynamic_permissions branch July 1, 2025 21:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@lulivi lulivi lulivi approved these changes

@krd-rti krd-rti krd-rti approved these changes

@luisrg-rti luisrg-rti luisrg-rti left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@colmenero @lulivi @luisrg-rti @krd-rti