mirror of
https://gitlab.com/fabinfra/fabaccess/demos-environments/testenv.git
synced 2025-03-12 06:31:52 +01:00
Fix user manage roles
This commit is contained in:
TheJoKlLa
parent
0880da4707
commit
8e85e0d5e5
@ -73,6 +73,14 @@
|
|||||||
]
|
]
|
||||||
},
|
},
|
||||||
|
|
||||||
|
ManageUsers = {
|
||||||
|
permission = [
|
||||||
|
"bffh.users.info",
|
||||||
|
"bffh.users.manage",
|
||||||
|
"bffh.users.admin"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
|
||||||
ManageA = {
|
ManageA = {
|
||||||
permissions = [ "TestEnv.Manage.A" ]
|
permissions = [ "TestEnv.Manage.A" ]
|
||||||
},
|
},
|
||||||
|
|||||||
@ -1,59 +1,59 @@
|
|||||||
[Admin1]
|
[Admin1]
|
||||||
roles = ["Admin", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["Admin", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[Admin2]
|
[Admin2]
|
||||||
roles = ["Admin", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["Admin", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerA1]
|
[ManagerA1]
|
||||||
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerA2]
|
[ManagerA2]
|
||||||
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerB1]
|
[ManagerB1]
|
||||||
roles = ["ManageB", "UseB", "ReadB", "DiscloseB", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageB", "UseB", "ReadB", "DiscloseB", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerB2]
|
[ManagerB2]
|
||||||
roles = ["ManageB", "UseB", "ReadB", "DiscloseB", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageB", "UseB", "ReadB", "DiscloseB", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerC1]
|
[ManagerC1]
|
||||||
roles = ["ManageC", "UseC", "ReadC", "DiscloseC", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageC", "UseC", "ReadC", "DiscloseC", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerC2]
|
[ManagerC2]
|
||||||
roles = ["ManageC", "UseC", "ReadC", "DiscloseC", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageC", "UseC", "ReadC", "DiscloseC", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerABC1]
|
[ManagerABC1]
|
||||||
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageB", "UseB", "ReadB", "DiscloseB", "ManageC", "UseC", "ReadC", "DiscloseC", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageB", "UseB", "ReadB", "DiscloseB", "ManageC", "UseC", "ReadC", "DiscloseC", "ManageUsers"]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|
||||||
[ManagerABC2]
|
[ManagerABC2]
|
||||||
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageB", "UseB", "ReadB", "DiscloseB", "ManageC", "UseC", "ReadC", "DiscloseC", "bffh.users.info", "bffh.users.manage", "bffh.users.admin"]
|
roles = ["ManageA", "UseA", "ReadA", "DiscloseA", "ManageB", "UseB", "ReadB", "DiscloseB", "ManageC", "UseC", "ReadC", "DiscloseC", "ManageUsers]
|
||||||
passwd = "secret"
|
passwd = "secret"
|
||||||
noot = "noot!"
|
noot = "noot!"
|
||||||
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
cardkey = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
|
||||||
|
|||||||
@ -9,14 +9,14 @@ services:
|
|||||||
# - "./config/dnsrobocert:/etc/dnsrobocert"
|
# - "./config/dnsrobocert:/etc/dnsrobocert"
|
||||||
|
|
||||||
bffh:
|
bffh:
|
||||||
image: registry.gitlab.com/fabinfra/fabaccess/bffh:v0.3-pre
|
image: registry.gitlab.com/fabinfra/fabaccess/bffh:v0.3.1-pre
|
||||||
pull_policy: always
|
pull_policy: always
|
||||||
restart: always
|
restart: always
|
||||||
ports:
|
ports:
|
||||||
- "59666:59661"
|
- "59666:59661"
|
||||||
entrypoint: ["sh", "-c", "bffhd -c /etc/bffh/bffh.dhall --load=/etc/bffh/users.toml; bffhd -c /etc/bffh/bffh.dhall"]
|
entrypoint: ["sh", "-c", "bffhd -c /etc/bffh/bffh.dhall --load=/etc/bffh/users.toml; bffhd -c /etc/bffh/bffh.dhall"]
|
||||||
environment:
|
environment:
|
||||||
- "RUST_LOG=debug"
|
- "BFFH_LOG=trace"
|
||||||
volumes:
|
volumes:
|
||||||
# generate a sample config.toml by running "docker run registry.gitlab.com/fabinfra/fabaccess/bffh:dev-latest --print-default > examples/config.toml" from the project root. You may have to delete the ipv6 listen section.
|
# generate a sample config.toml by running "docker run registry.gitlab.com/fabinfra/fabaccess/bffh:dev-latest --print-default > examples/config.toml" from the project root. You may have to delete the ipv6 listen section.
|
||||||
- "./config/bffh:/etc/bffh"
|
- "./config/bffh:/etc/bffh"
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user