Feature/role support #199
The idea behind this PR is to allow setting roles (SAML for now) in the credential metadata which would allow a user with correct role settings read-only or write access to certain credentials.
A list of features.
How to use:
role_ro = read only
So in the above example, the user has read-only access and the engineer and engineer-manager have read-write access.
N.B. There is an Admin role which allows full access to all credentials. This can be set with the ADMIN_ROLE environment variable.
* Added new "get_logged_in_user_role()" and "current_role()" functions
* Added new "require_role()" function, which does all the heavy work checking if user is allowed to view/edit creds
* Updated endpoint /v1/user/email to be /v1/user/info which contains the user email and role, this is used in the index.html file to show details in top right corner
* Added settings for role support (enable/disable, property names etc)
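
The access decision described in this PR, as an added example that is not the PR's own code. The `role_rw` key, the comma-separated role format, the function names and the deny-by-default handling of a missing role are assumptions; only `role_ro` and `ADMIN_ROLE` appear in the description above.

```python
import os

# "role_ro" and ADMIN_ROLE come from the PR description. "role_rw" and the
# comma-separated value format are assumptions made for this example.
RO_KEY, RW_KEY = "role_ro", "role_rw"

# Constructed sample metadata matching the access described in the PR text.
SAMPLE_METADATA = {"role_ro": "user", "role_rw": "engineer, engineer-manager"}


def parse_roles(metadata, key):
    """Return the set of role names stored under key, ignoring blanks."""
    return {r.strip() for r in metadata.get(key, "").split(",") if r.strip()}


def allowed(user_role, metadata, action, admin_role=None):
    """Decide whether user_role may "read" or "write" a credential."""
    if action not in ("read", "write"):
        raise ValueError("unknown action: %r" % (action,))
    if admin_role is None:
        admin_role = os.environ.get("ADMIN_ROLE", "")
    user_role = (user_role or "").strip()
    if not user_role:
        # No role in the SAML assertion: deny, even if ADMIN_ROLE is also empty.
        return False
    if admin_role and user_role == admin_role:
        return True
    writers = parse_roles(metadata, RW_KEY)
    if action == "write":
        return user_role in writers
    # Read access: read-only roles plus anyone who can already write.
    return user_role in writers | parse_roles(metadata, RO_KEY)


if __name__ == "__main__":
    for role in ("user", "engineer", "intern", "admin", ""):
        print(repr(role),
              "read:", allowed(role, SAMPLE_METADATA, "read", "admin"),
              "write:", allowed(role, SAMPLE_METADATA, "write", "admin"))
```

The empty-role check matters because an unset `ADMIN_ROLE` and a user whose assertion carries no role would otherwise compare equal and grant full access.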