Loading...

XML

Word

Printable

Type: Task
Resolution: Done
Priority: Undefined
Fix Version/s: hms-0.6
Affects Version/s: None
Component/s: Content
Labels:
None

Epic Link:
RBAC permission integration

API integration is handled through calling RBAC’s GET List API as follows:
<selected environment>/access/?application=<app> , resulting in the following response:

{
   "meta": {...},
   "links":  {...},
   "data": [
      {
         "permission": "<app>:<resource0>:*",
         "resourceDefinitions": []
      },
      {
         "permission": "<app>:<resource1>:write",
         "resourceDefinitions": []
      }
   ]
}

See the RBAC role API documentation here.

Further discussion around how often we call said api (every api call?) and caching needs to be discussed for implementation.

avisiedo@redhat.com has also suggested that we consider maybe creating a middleware, similar to what is seen here and here in the playbook-dispatcher app.

To quote avisiedo@redhat.com, "The middleware should allow us to centralize in one component, so RBAC would have almost zero impact on the backend handlers"

Go library for get access here

Reference to turning RBAC on or off example.

is blocked by

HMS-469 Add HMS-Content permissions to rbac-config repo

Closed

relates to

HMS-656 refactor mock_rbac to extract it in a new repository

Closed

mentioned on

Merge request - Draft: content-sources:add value for new CLIENTS_RBAC_BASE_URL parameter in ephemeral and stage environment

Assignee:: Alejandro Visiedo

Reporter:: Andrew Dewar (Inactive)

Contributors:: Justin Sherrill, Ryan Verdile

QA Contact:: None

Doc Contact:: None

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2022/10/21 8:11 PM

Updated:: 2023/03/15 6:49 PM

Resolved:: 2023/02/27 8:00 PM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates