Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

接入管理类接口支持超管角色下进行使用 #2264

Closed
Canway-shiisa opened this issue Sep 11, 2023 · 4 comments
Closed

接入管理类接口支持超管角色下进行使用 #2264

Canway-shiisa opened this issue Sep 11, 2023 · 4 comments
Assignees
@zhu327 @Xmandon
Labels
accepted doing 已经接受处理,正在开发实施

Comments

@Canway-shiisa
Copy link
Collaborator

Canway-shiisa commented Sep 11, 2023
edited
Loading

BUG反馈还是需求提交(Is this a BUG REPORT or FEATURE REQUEST)? (choose one):
需求提交

bk-iam-saas SaaS版本/bk-iam后台版本(The versions used):
最新版本仍旧未支持该功能

目前状况:
当前接入管理类接口(https://bk.tencent.com/docs/markdown/ZH/IAM/IntegrateGuide/Reference/API/10-Management/00-API.md )需要通过该类接口先新建分级管理员后进行使用

需求场景:
很多客户环境不允许随意在系统中有新建的动作(包括分级管理员),也存在客户在使用权限中心的时候不需要分级管理员的概念=》由此,客户在使用接入管理类接口的时候就会存在障碍=》需要权限中心开放超管角色调用接入管理类接口
@Xmandon
Copy link
Collaborator

Xmandon commented Sep 27, 2023

@zhu327 tinyi评估下,超管也是特殊的管理空间,感觉是可以放开的。

@Canway-shiisa Canway-shiisa added doing 已经接受处理,正在开发实施 accepted labels Dec 13, 2023
@Canway-shiisa
Copy link
Collaborator Author

Canway-shiisa commented Dec 19, 2023
edited
Loading

方案:

  • 现有的所有接入管理类接口都可以集成到超级管理员下, 由于超管可以授权管理所有的系统, 所以不能归类到管理类接口 =》新增一个 admin/super_managers/xxx 的接口前缀
  • 这部分接口需要走admin白名单校验
  • 由于目前esb将不再维护更新,新增的这部分接口将会对接到ApiGateway

Canway-shiisa added a commit to Canway-shiisa/bk-iam-saas that referenced this issue Mar 21, 2024
@Canway-shiisa
feat: 接入管理类接口支持超管角色 TencentBlueKing#2264
ff3b04f
@Canway-shiisa Canway-shiisa mentioned this issue Mar 21, 2024
Closed
Canway-shiisa added a commit to Canway-shiisa/bk-iam-saas that referenced this issue Mar 21, 2024
@Canway-shiisa
feat: 接入管理类接口支持超管角色 TencentBlueKing#2264
0825619
@Canway-shiisa
Copy link
Collaborator Author

原始需求:
image

Canway-shiisa added a commit to Canway-shiisa/bk-iam-saas that referenced this issue Apr 9, 2024
@Canway-shiisa
feat: 超管接口支持创建、更新、删除用户组 TencentBlueKing#2264
c6e8e8b
@Canway-shiisa Canway-shiisa mentioned this issue Apr 9, 2024
Merged
Canway-shiisa added a commit to Canway-shiisa/bk-iam-saas that referenced this issue Apr 10, 2024
@Canway-shiisa
feat: 超管接口支持创建、更新、删除用户组 TencentBlueKing#2264
2c06a37
Canway-shiisa added a commit to Canway-shiisa/bk-iam-saas that referenced this issue Apr 10, 2024
@Canway-shiisa
feat: 超管接口支持创建、更新、删除用户组 TencentBlueKing#2264
3dbdb14
zhu327 pushed a commit that referenced this issue Apr 25, 2024
@Canway-shiisa
feat: 超管接口支持创建、更新、删除用户组 #2264 (#2605)
730624c 
* feat: 超管接口支持创建、更新、删除用户组 #2264

* feat: 超管接口支持创建、更新、删除用户组 #2264

* feat:超管类API增加授权工具接口 #2409
@Canway-shiisa
Copy link
Collaborator Author

原始需求: image

已实现于 V1.10.27

@Canway-shiisa Canway-shiisa mentioned this issue May 10, 2024
Closed
@Canway-shiisa Canway-shiisa mentioned this issue Jun 27, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@zhu327 zhu327

@Xmandon Xmandon

Labels
accepted doing 已经接受处理,正在开发实施
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zhu327 @Xmandon @Canway-shiisa