search

WeblateOrg / weblate

Web based localization tool with tight version control integration.
https://weblate.org/
GNU General Public License v3.0
4.45k stars 984 forks source link

Map OIDC roles/groups to weblate groups #11286

Open sebastianbuechler opened 4 months ago

sebastianbuechler commented 4 months ago

Describe the problem

Weblate has already an extensive role-based access management. However, it seems that currently it's not possible to map roles or groups coming from an OIDC provider to internal ones.

Describe the solution you would like

Other tools with OIDC provide the functionality of mappers like for example here in the ArgoCD documentation: https://argo-cd.readthedocs.io/en/stable/operator-manual/user-management/zitadel/#argocd-rbac-cmyaml and https://argo-cd.readthedocs.io/en/stable/operator-manual/rbac/#policy-csv-composition

It should have a configuration option to specify relations between a role/group of OIDC so on registration (and maybe even on subsequent logins) the user will get the corresponding weblate group automatically.

Also, an option should be considered that if no role is matched the access should be prevented.

Describe alternatives you have considered

No response

Screenshots

No response

Additional context

No response

github-actions[bot] commented 4 months ago

This issue has been added to the backlog. It is not scheduled on the Weblate roadmap, but it eventually might be implemented.

In case you need this feature soon, please consider helping or push it by funding the development.