Closed jeffpatzer closed 5 months ago
@xgp Can you confirm which roles one needs to have in order to view and access the wizard? I've got a few places that just check for admin access. That needs to be tweaked slightly based on role access at a higher app level in order to avoid a flash.
The roles required are in src/app/hooks/useRoleAccess.ts
.
For "resource" roles, meaning the ones in the token in the realm-management
or foo-realm
part of the resource_access
claim:
const requiredResourceRoles = [
"manage-identity-providers",
"view-identity-providers",
"query-users",
"view-users",
"view-events",
"view-realm",
"manage-realm",
];
For "organization" roles, meaning the ones from each organization in the organizations
claim:
const requiredOrganizationRoles = [
"view-organization",
"manage-organization",
"view-identity-providers",
"manage-identity-providers",
];
If they have either complete set of those (or both), they have access to the wizard.
If someone doesn't have the right role, make sure that the page doesn't flash, but shows a loader until the access is cleared. Really only and issue on a first page load.