allow role to specify access to specific operations#170
Conversation
heskew
force-pushed
the
user-role-select-ops
branch
from
a631587 to
c5434ce
Compare
|
This is looking great! |
| */ | ||
| export const OPERATION_PERMISSION_GROUPS = { | ||
| /** Read-only operations that do not modify data or configuration */ | ||
| read_only: [ |
There was a problem hiding this comment.
Considering the studio, some other ops that might be good here - all component get ops, get config, get logs...
Also, the SQL one is tricky, since it can do more than just read
There was a problem hiding this comment.
Also, the SQL one is tricky, since it can do more than just read
yeah... permissions should fall through to schema defined permissions if the request operation is allowed. could add more tests specifically for that...
Considering the studio, some other ops that might be good here - all component get ops, get config, get logs...
👍
heskew
force-pushed
the
user-role-select-ops
branch
6 times, most recently
from
b909ae8 to
533a7d9
Compare
kriszyp
left a comment
kriszyp
left a comment
There was a problem hiding this comment.
This looks excellent. I think I just have a naming question: Why not operations instead of operation_user?
Just felt like it was a better fit with |
I think that wording makes more for |
so you're saying you'd prefer |
|
@kriszyp |
heskew
force-pushed
the
user-role-select-ops
branch
from
c253151 to
1742b4c
Compare
DavidCockerill
left a comment
DavidCockerill
left a comment
There was a problem hiding this comment.
Looks good! This will be a much needed addition. We’ll just need to make sure we include this new functionality in the v5 docs.
| @@ -0,0 +1,484 @@ | |||
| /** | |||
There was a problem hiding this comment.
should this file be camel case? operationUserRbac.test.ts?
There was a problem hiding this comment.
it looks like the new integration tests have been kebab-case
3 participants
Resolves CORE-2959 and #172