Open joepavitt opened 9 months ago
The current code uses the/api/v1/user
endpoint to get the user profile information. This is outside the scope of an individual team/instance so cannot include role information.
We do have the ability to make a second request (added here) to do the necessary lookup - but we'll require the team/instance information.
To get that info, we'll need to update runtimeSettings to pass the team/instance ids through the options object to the auth middleware.
Then we'll be able to get the user's role for the team.
That said, I'm aware we have finer-grained RBAC in the plan fairly soon. We should give that a bit of consideration as it will allow a user to a role for the instance which isn't necessarily the same as their role in the team.
Thanks Nick - no rush on this feature btw - it's not blocking anything - just a very nice to have at some point.
Description
It would be great if we could also include the underlying FF User's "role" within the returned
session.user
object when authenticating with FF.