-
Notifications
You must be signed in to change notification settings - Fork 11.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Actionsets: cfg to only allow for actionsets as actions #87973
Actionsets: cfg to only allow for actionsets as actions #87973
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the check here is in the right place. But I think instead of adding an onlyActionSets
field to options for each resource, it might be better to just read that value form the config, and check if permission
has prefix dashboards
or folders
before deciding whether to write the fine grained permissions or not.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left some questions/suggestions about the logic in comments.
closing in favor of PR - #88367 this branch was not able to build enterprise properly |
why
This is an ongoing effort to have a option to only allow for actionsets to be written as part of the actionset work
This is to be able to test out actionsets as the only permissions to be set and used during expansion
what
OnlyAccessActionSets
to send through to thesetPermissionsQuery
onlyactionsetstored.mov