[WIP]RAINCATCH-1156 Adding role based check to login #125
Conversation
|
Changes Unknown when pulling a347dca on witmicko:RAINCATCH-1156_login_roles_check into ** on feedhenry-raincatcher:master**. |
| @@ -12,14 +12,16 @@ var config = { | |||
| "security": { | |||
| "adminRole": "admin", | |||
| "userRole": "user", | |||
| "allowedRoles": ["adminRole"], | |||
There was a problem hiding this comment.
-1. Roles can be specified directly in the places we need them.
Why we need this in the server?
There was a problem hiding this comment.
would you agree to rename this to say portalAllowedRoles? I think we should avoid adding this to the client side.
|
@witmicko - We cannot have it this way as we provide role based support on top of the client application. We will need to move from admin and user roles fairly soon. This means that users will need to use role based check - using our AuthService in the portal client to show dialog if user do not have permission as was suggested in the ticket. This aproach works but it's not using parts of our framework which we want others to use. ping @JameelB |
It does exactly, that. Not sure what is the problem here, pull changes locally and try this. from what I saw so far passport and keycloak differ a lot in implementation. |
They using single interface that it should be used. If that's not possible then that is a bug as PRD clearly states that this should be possible. |
|
Closing for now in favour of client-side filtering (server side is still protected) |
Motivation
https://issues.jboss.org/browse/RAINCATCH-1156
Description
Added allowed roles to the server config and cross check them with user roles (intersection of both size > 0)
Progress
Additional Notes