Closed OmarIthawi closed 2 years ago
app_metadata
When registering a new user, add the following app_metadata:
Admins: {"organization": "org_xyz123", "role": "administrator"}
{"organization": "org_xyz123", "role": "administrator"}
Learners {"organization": "org_xyz123", "role": "learner"}
{"organization": "org_xyz123", "role": "learner"}
If the role equals to administrator, then add the UserOrganizationMapping with is_admin=True:
role
administrator
UserOrganizationMapping
is_admin=True
https://github.com/appsembler/tahoe-auth0/blob/f8ae20bbbae640c0b9c4a55bacf06ba2bbab4ff0/tahoe_auth0/backend.py#L93-L111
OrganizationAdmin
The old proposal was:
TahoeAuth0OAuth2 backend should tell if this user has the OrganizationAdmin Auth0 Role as described in the Known TahoeAuth0OAuth2 customizations section of the Open edX with Auth0 (OAuth 2.0 prposal) doc. The tahoe_auth0/backend.py should add a something like the following code: user_details['auth0_organization_admin'] = 'OrganizationAdmin' in auth0_api.get_roles() Then Open edX should use the information to add proper UserOrganizationMapping with is_amc_admin = True in the Auth pipeline.
TahoeAuth0OAuth2 backend should tell if this user has the OrganizationAdmin Auth0 Role as described in the Known TahoeAuth0OAuth2 customizations section of the Open edX with Auth0 (OAuth 2.0 prposal) doc.
The tahoe_auth0/backend.py should add a something like the following code:
user_details['auth0_organization_admin'] = 'OrganizationAdmin' in auth0_api.get_roles()
Then Open edX should use the information to add proper UserOrganizationMapping with is_amc_admin = True in the Auth pipeline.
is_amc_admin = True
Closed by #22
Current method
app_metadata
Registration / Invitation
When registering a new user, add the following
app_metadata
:Admins:
{"organization": "org_xyz123", "role": "administrator"}
Learners
{"organization": "org_xyz123", "role": "learner"}
OAuth 2.0 backend login
If the
role
equals toadministrator
, then add theUserOrganizationMapping
withis_admin=True
:https://github.com/appsembler/tahoe-auth0/blob/f8ae20bbbae640c0b9c4a55bacf06ba2bbab4ff0/tahoe_auth0/backend.py#L93-L111
Old method:
OrganizationAdmin
The old proposal was: