tim-allen-ck
commented
1 month ago Would be good to get this for the main TRE too, not just a workspace
Open marrobi opened 1 month ago
tim-allen-ck
commented
1 month ago Would be good to get this for the main TRE too, not just a workspace
marrobi
commented
1 month ago Thoughts? Should it be Users or Members? On the left menu, or maybe somewhere else.
@jonnyry @TonyWildish-BH @tim-allen-ck thoughts?
I will try do a PR, as code is written, and people can test and comment as feel fit.
TonyWildish-BH
commented
1 month ago this looks useful, yes. It's a little confusing to put it under 'shared services', since it's not a service, just config information. Is it easy to add an extra section on the left, 'config', where this can go?
Eventually, we may want to implement further features, such as allowing the Workspace Owner to allow/disallow certain workspace service templates, and this would then be a great place to put it.
marrobi
commented
1 month ago Ah, it's not actually under shared services, that's the React component being confusing...
But agree, a section called Configuration or Administration. Wording is another discussion.
tim-allen-ck
commented
1 month ago Thoughts? Should it be Users or Members? On the left menu, or maybe somewhere else.
@jonnyry @TonyWildish-BH @tim-allen-ck thoughts?
I will try do a PR, as code is written, and people can test and comment as feel fit.
Users makes sense, but looks good. Is this just to view the users or configure them as well?
marrobi
commented
1 month ago This PR is to view, we could add configuration options. I just wanted something interesting to give a go with Copilot Workspaces. Was probably 50% AI...
jonnyry
commented
1 month ago
Thoughts? Should it be Users or Members? On the left menu, or maybe somewhere else.
@jonnyry @TonyWildish-BH @tim-allen-ck thoughts?
I will try do a PR, as code is written, and people can test and comment as feel fit.
This would be handy for us. I think users is marginally clearer.
marrobi
commented
1 month ago Draft PR above, welcome anybody who is able to test with larger numbers of users/groups than I have in my demo environment.
@TonyWildish-BH if/when we get more admin/config settings we can create a separate section.
TRE Admins and all workspace users should be able to retrieve which users are assigned to a workspace.
This can be done by adding an additional route to
workspaces_shared_router, for example:/api/workspaces/{workspace_id}/users/.The MS Graph API should be used to retrieve roles from the Enterprise Application. This can be done using the call described here - https://learn.microsoft.com/en-us/graph/api/serviceprincipal-list-approleassignedto?view=graph-rest-1.0&tabs=http ,
GET /servicePrincipals(appId='{appId}')/appRoleAssignedToThis needs to appear in the Workspace Swagger docs under a section Users.
The API response should return a list of users, including their name (principalDisplayName), email (derived from another graph call using principalId), and the app roles assigned to the user.
The user interface needs a new section on the left hand menu under Airlock, called Users. This should display a list of users including their name, email and role(s).