-
Feature
-
Resolution: Unresolved
-
Normal
-
None
-
M
-
False
-
-
False
-
33% To Do, 33% In Progress, 33% Done
-
-
- Workspace
rbac
π Description
I am trying to manage permissions to create new RBAC policies.
To do this I gave catalog permissions to all employees - but 'denied' all other permissions
In a seperate group ('admins') I gave ALL permissions.
However I am in both the 'admins' group and 'all-employees' group - but I only seem to get the permissions of the 'all-employees' group.
Its not clear if / how I can assign permissions based on the role - where some users roles provide elevated permissions over the base 'all-employees' group.
Or have I missed a step
π Expected behavior
I think members of the 'admins' group should have elevated permissions over the 'all-employees' group. Based on the heirarchy of groups (i.e admins is loaded after all-employees)
π Actual Behavior with Screenshots
Members of the admins group are given the roles assigned the all-employees (as they are also a member of that group).
π Reproduction steps
I created a group in an `RBAC CSV file' and gave permissions, and then in the same CSV file specified the admins group roles.
π Provide the context for the Bug.
No response
π Have you spent some time to check if this bug has been raised before?
- Β
I checked and didn't find similar issue
Β
π’ Have you read the Code of Conduct?
- Β
I have read theΒ Code of Conduct
Β
Are you willing to submit PR?
No, I don't have time to work on this right now
Create sub-issue
Β
Β
Upstream link: https://github.com/backstage/community-plugins/issues/3206
Related upstream issue: https://github.com/backstage/community-plugins/issues/2190
Β
