search

siderolabs / omni

SaaS-simple deployment of Kubernetes - on your own hardware.
Other
402 stars 23 forks source link

[feature] User management sync between `omnictl` and Omni's web UI #197

Open ArcherSeven opened 2 months ago

ArcherSeven commented 2 months ago

Problem Description

Users permissions in the Web UI seem largely divorced from their permissions in the CLI, both in practice, and in how they are displayed.

Solution

"Role" should mean the same thing in the UI and in the CLI, and a users full permissions in both contexts should be visible from either context, and ideally editable from either context.

Alternative Solutions

The very hard to understand situation that currently exists is I guess the alternative.

Notes

Assigning RBAC to users / groups / roles today is very convoluted and not the simplest to test, especially with SAML enabled. It would be extremely nice to help mitigate that by at least having terms mean the same thing in the CLI and in the UI, and be able to trivially view them in both places.

https://github.com/siderolabs/omni-feedback/issues/30

Unix4ever commented 1 month ago

Implement user management methods in the CLI: