search

FlowFuse / nr-launcher

A Laucher for Node-RED that allows settings to be loaded at startup.
Apache License 2.0
5 stars 6 forks source link

Include .role in session.user object #200

Open joepavitt opened 9 months ago

joepavitt commented 9 months ago

Description

It would be great if we could also include the underlying FF User's "role" within the returned session.user object when authenticating with FF.

knolleary commented 9 months ago

The current code uses the/api/v1/user endpoint to get the user profile information. This is outside the scope of an individual team/instance so cannot include role information.

We do have the ability to make a second request (added here) to do the necessary lookup - but we'll require the team/instance information.

To get that info, we'll need to update runtimeSettings to pass the team/instance ids through the options object to the auth middleware.

Then we'll be able to get the user's role for the team.

That said, I'm aware we have finer-grained RBAC in the plan fairly soon. We should give that a bit of consideration as it will allow a user to a role for the instance which isn't necessarily the same as their role in the team.

joepavitt commented 9 months ago

Thanks Nick - no rush on this feature btw - it's not blocking anything - just a very nice to have at some point.