Actions
User story #22206
openAllow user to define custom roles in rudder-user.xml
Status:
Pending release
Priority:
N/A
Assignee:
Category:
System integration
Target version:
User visibility:
Effort required:
Regression:
No
Description
The idea is to be able to have new roles defined from system roles (atomic permissions or plugin roles).
The general (that will be documented at the end of the implementation) would looks like:
<authentications> <custom-roles> <role name="role_a0" roles="node_read,node_write,configuration" /> <!-- node_read,node_write,config_*,parameter_*,technique_*,directive_*,rule_* --> <role name="role_a1" roles="role_a0" /> <!-- node_read,node_write,config_*,parameter_*,technique_*,directive_*,rule_* --> <role name="role_b0" roles="inventory" /> <!-- node_read --> <role name="role_c0" roles="node" /> <!-- node_* --> <role name="role_d0" roles="role_a1,role_b0" /> <!-- node_*,config_*,parameter_*,technique_*,directive_*,rule_* --> <role name="inventory" roles="....." /> <!-- empty list - already defined --> </custom-roles> <user password="..." name="user_a0" roles="node_read,node_write,configuration" /> <!-- node_read,node_write,config_*,parameter_*,technique_*,directive_*,rule_* --> <user password="..." name="user_a1" roles="role_a" /> <!-- node_read,node_write,config_*,parameter_*,technique_*,directive_*,rule_* --> <!-- same behavior than for roles --> </authentications>
Actions