MM-65674 - add channel admin abac docs #8372
Conversation
* Update SAML encryption documentation for AES-256-GCM support - Add clarification that AES-256-GCM encryption support was introduced in v10.9 and backported to v10.6.5 - Include backwards compatibility messaging that existing SAML integrations continue working without changes - Note that only customers wanting to use AES-256-GCM keys need to update their configuration - Update main SAML SSO documentation to reference new encryption support - Update technical documentation to include version information Resolves #8349 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> * Update source/administration-guide/onboard/sso-saml-technical.rst Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com> * Update source/administration-guide/onboard/sso-saml.rst Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com> * Update source/deployment-guide/encryption-options.rst * Update source/deployment-guide/encryption-options.rst * Minor updates based on reviewer feedback --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <cwarnermm@users.noreply.github.com> Co-authored-by: Ben Schumacher <ben.schumacher@mattermost.com>
* Add references to Azure Local * Editorial review updates --------- Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
pvev
added
the
Do Not Merge/Awaiting Next Release
|
Newest code from mattermost has been published to preview environment for Git SHA 91c647b |
* docs: Update v10.5.11 dot release documentation - Added v10.5.11 changelog entry with security fixes notice - Updated server releases table to reference v10.5.11 downloads and SBOMs - Updated version archive for both Enterprise and Team editions 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> * Update mattermost-v10-changelog.md * Update version-archive.rst --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com>
cwarnermm
added
1: Dev Review
|
Newest code from mattermost has been published to preview environment for Git SHA 7b07dba |
* Update docs for Desktop v5.13.1 release - Updated download links and version references from v5.13.0 to v5.13.1 - Added v5.13.1 changelog entry as patch release - Updated installation instructions for all platforms 🤖 Generated with [Claude Code](https://claude.ai/code) Co-authored-by: Amy Blais <amyblais@users.noreply.github.com> * Update desktop-app-changelog.md * Update desktop-msi-installer-and-group-policy-install.rst * Update desktop-msi-installer-and-group-policy-install.rst * Update desktop-app-changelog.md * Update desktop-app-changelog.md * Update desktop-app-changelog.md --------- Co-authored-by: claude[bot] <209825114+claude[bot]@users.noreply.github.com> Co-authored-by: Amy Blais <amyblais@users.noreply.github.com>
* Update deprecated-features.rst * Update deprecated-features.rst * Update deprecated-features.rst * Update deprecated-features.rst * Update source/product-overview/deprecated-features.rst * Update source/product-overview/deprecated-features.rst Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com> --------- Co-authored-by: Carrie Warner (Mattermost) <74422101+cwarnermm@users.noreply.github.com> Co-authored-by: Alejandro García Montoro <alejandro.garciamontoro@gmail.com>
| ------------------ | ||
|
|
||
| Attribute-based access controls require defined user attributes that are either synchronized from an external system (such as LDAP or SAML) or manually configured and enabled on your Mattermost server. You'll need to :doc:`configure user attributes </administration-guide/manage/admin/user-attributes>` in the System Console first befopre creating access policies. | ||
| Attribute-based access controls require defined user attributes that are either synchronized from an external system (such as LDAP or SAML) or manually configured and enabled on your Mattermost server. You'll need to :doc:`configure user attributes </administration-guide/manage/admin/user-attributes>` in the System Console first before creating access policies. |
There was a problem hiding this comment.
It's not necessarily required to be LDAP, SAML. We are introducing admin managed attributes. Maybe worth mentioning here.
There was a problem hiding this comment.
@isacikgoz but do you want to mention it now as part of this change, or perhaps create a ticket to update the docs once the admin managed attrs are ready?
|
|
||
| A: During the next synchronization (every 30 minutes), users who no longer match the access rules will be removed from the channel, and new users who now match will be added (if auto-sync is enabled). | ||
|
|
||
| **Q: Do guest users work with ABAC channels?** |
There was a problem hiding this comment.
We might also tell group-sync channels are also can't be ABAC
There was a problem hiding this comment.
good additions, missed that. Thanks for the feedback!
There was a problem hiding this comment.
Thanks, @pvev! This is a great docs update! The channel rule additions to the ABAC page creates a really long docs page for admins, so I've split out system-wide and channel rules from the main ABAC page, and added links between the pages for easy navigation. Please review to ensure I haven't inadvertently diverted from your original intentions.
cwarnermm
added
3: Reviews Complete
|
Newest code from mattermost has been published to preview environment for Git SHA 18a7213 |
thanks @cwarnermm , checking now and will let you know 🚀 |
|
Newest code from mattermost has been published to preview environment for Git SHA c255768 |
|
Newest code from mattermost has been published to preview environment for Git SHA 96ed969 |
|
Newest code from mattermost has been published to preview environment for Git SHA dab7566 |
|
hey @cwarnermm the changes you made to reorganize the information make a lot of sense. The only thing I notice in the PR is that there are other changes related to Desktop MSI installer and group policy guide and some other changes also being included as part of the PR. Is that intended? |
|
Newest code from mattermost has been published to preview environment for Git SHA ab3dbb3 |
|
Hi @pvev! Great question and yes, those files are intended and fine to include. This PR has been moved into the |
cwarnermm
removed
the
Do Not Merge/Awaiting Next Release
Summary
This PR adds the channel admin abac docs. It describes the new feature, how should it be configured, how affects users, etc.
This is the epic link: https://mattermost.atlassian.net/browse/MM-63953 .
UX specifications: https://mattermost.atlassian.net/wiki/spaces/DES/pages/3664216076/UX+Spec+ABAC+Phase+2+Channel+Admin+Controls
Ticket Link
https://mattermost.atlassian.net/browse/MM-65674