Skip to content

Commit

Permalink
[release-1.4] RHIDP-4490: Introduce pluginsWithPermission informati…
Browse files Browse the repository at this point in the history 
…on (#823)

Co-authored-by: Fabrice Flore-Thébault <ffloreth@redhat.com>
Co-authored-by: Oleksandr Andriienko <oandriie@redhat.com>
Co-authored-by: Dominika Zemanovicova <dzemanov@redhat.com>
Co-authored-by: Dominika Zemanovicova <36102317+dzemanov@users.noreply.github.com>
  • Loading branch information
@openshift-cherrypick-robot @themr0c
@AndrienkoAleksandr @dzemanov
5 people authored Dec 20, 2024
1 parent edebdf1 commit 2a24611
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 2 deletions.
18 changes: 18 additions & 0 deletions modules/authorization/proc-enabling-the-rbac-plugin.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,24 @@ permission:
users:
- name: user:default/__<your_policy_administrator_name>__
----
. In order for the {product-short} Web UI to display available permissions provided by installed plugins, add the corresponding plugin IDs to link:{configuring-book-url}[your custom `{my-app-config-file}` {product-short} configuration file].
+
To display available permissions in RBAC UI, edit your custom {product-short} ConfigMap, such as `app-config-rhdh`, and add following code to the `{my-app-config-file}` content:
+
.`{my-app-config-file}` fragment
[source,yaml,subs=+quotes]
----
permission:
enabled: true
rbac:
admin:
users:
- name: user:default/__<your_policy_administrator_name>__
pluginsWithPermission:
- catalog
- scaffolder
- permission
----

.Verification
. Sign out from the existing {product} session and log in again using the declared policy administrator account.
Expand Down
2 changes: 1 addition & 1 deletion modules/authorization/proc-rbac-ui-create-role.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@
You can create a role in the {product} using the Web UI.

.Prerequisites
* You xref:enabling-and-giving-access-to-rbac[have enabled RBAC and have a policy administrator role in {product-short}].
* You xref:enabling-and-giving-access-to-rbac[have enabled RBAC, have a policy administrator role in {product-short}, and have added plugins with permission].

.Procedure

Expand Down
2 changes: 1 addition & 1 deletion modules/authorization/proc-rbac-ui-edit-role.adoc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ The policies generated from a `policy.csv` or ConfigMap file cannot be edited or
====

.Prerequisites
* You xref:enabling-and-giving-access-to-rbac[have enabled RBAC and have a policy administrator role in {product-short}].
* You xref:enabling-and-giving-access-to-rbac[have enabled RBAC, have a policy administrator role in {product-short}, and have added plugins with permission].
* The role that you want to edit is created in the {product-short}.

.Procedure
Expand Down

0 comments on commit 2a24611

Please sign in to comment.