search

artefactual-sdps / enduro

A tool to support ingest and automation in digital preservation workflows
https://enduro.readthedocs.io/
Apache License 2.0
4 stars 3 forks source link

Add ABAC roles mapping configuration #1044

Closed jraddaoui closed 1 month ago

jraddaoui commented 1 month ago

Allows to configure a role mapping to map roles included in the access token to Enduro attributes for access control.

Refs #1035.

codecov[bot] commented 1 month ago

Codecov Report

Attention: Patch coverage is 81.81818% with 4 lines in your changes missing coverage. Please review.

Project coverage is 55.52%. Comparing base (7d5bfb8) to head (29f7053). Report is 1 commits behind head on main.

Files with missing lines Patch % Lines
internal/api/auth/config.go 0.00% 1 Missing and 1 partial :warning:
internal/config/config.go 81.81% 1 Missing and 1 partial :warning:
Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #1044 +/- ## ========================================== + Coverage 55.48% 55.52% +0.03% ========================================== Files 103 103 Lines 6021 6039 +18 ========================================== + Hits 3341 3353 +12 - Misses 2431 2433 +2 - Partials 249 253 +4 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

jraddaoui commented 1 month ago

Thanks @djjuhasz!

I noted the option to exclude attributes at the bottom of the issue description but never got to implement it. The attributes included in this PR are just examples and for testing purposes, they are based on a list provided by Dan (see the Keycloack configuration), I just removed the storage attributes to simplify.