Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use service user for role assignment and autoprovisioning #7240

Merged
merged 4 commits into from
Sep 7, 2023
Merged

Use service user for role assignment and autoprovisioning #7240

merged 4 commits into from
Sep 7, 2023

Conversation

rhafer
Copy link
Contributor

@rhafer rhafer commented Sep 6, 2023

This gets us a rid of the need to configure the reva jwt secret in the proxy. Also we no longer need to fake an internal admin user for autoprovsioning user and/or assigning the roles to users from oidc claims.

@rhafer rhafer requested a review from kobergj September 6, 2023 13:25
@rhafer rhafer self-assigned this Sep 6, 2023
@rhafer rhafer force-pushed the proxy-service-account branch 2 times, most recently from ac3439b to fb1ef3b Compare September 6, 2023 13:26
kobergj
kobergj requested changes Sep 6, 2023
View reviewed changes
Copy link
Collaborator

@kobergj kobergj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Awesome 👍 Just small question

services/proxy/pkg/user/backend/cs3.go Outdated Show resolved Hide resolved
@rhafer rhafer requested a review from kobergj September 7, 2023 08:51
kobergj
kobergj approved these changes Sep 7, 2023
View reviewed changes
Copy link
Collaborator

@kobergj kobergj left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@rhafer rhafer force-pushed the proxy-service-account branch 2 times, most recently from 63bc3e0 to 9417a3b Compare September 7, 2023 14:35
@rhafer
Use service user for role assignment and autoprovisioning
8a8c760 
This gets us a rid of the need to configure the reva jwt secret in the
proxy. Also we no longer need to fake an internal admin user for
autoprovsioning user and/or assigning the roles to users from oidc
claims.
@rhafer
ocis init: Add service account settings for proxy
5f87d7d
@rhafer
ocis init: Add service accountid to settings config
a7b28d6
@rhafer
graph: debug logging for requireadmin middleware
dadb1f4
@sonarcloud
Copy link

sonarcloud bot commented Sep 7, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

0.0% 0.0% Coverage
0.0% 0.0% Duplication

@rhafer rhafer merged commit a01f5d9 into owncloud:master Sep 7, 2023
1 check passed
@micbar micbar mentioned this pull request Dec 12, 2023
Merged
12 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kobergj kobergj kobergj approved these changes

Assignees

@rhafer rhafer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rhafer @kobergj