hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-18 15:33:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

[pre-commit.ci] auto fixes from pre-commit.com hooks

Browse Source 
for more information, see https://pre-commit.ci
This commit is contained in:
pre-commit-ci[bot]
2022-10-10 17:03:45 +00:00
parent 835fe8be8f
commit 53bf7a18ae
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/source/rbac/roles.md
View File

@@ -1,4 +1,5 @@
(roles)= (roles)=
# Roles # Roles
JupyterHub provides four (4) roles that are available by default: JupyterHub provides four (4) roles that are available by default:
@@ -42,6 +43,7 @@ A group does not require any role, and has no roles by default. If a user is a m
A tokens permissions are evaluated based on their owning entity. Since a token is always issued for a user or service, it can never have more permissions than its owner. If no specific scopes are requested for a new token, the token is assigned the scopes of the `token` role. A tokens permissions are evaluated based on their owning entity. Since a token is always issued for a user or service, it can never have more permissions than its owner. If no specific scopes are requested for a new token, the token is assigned the scopes of the `token` role.
(define-role-target)= (define-role-target)=
## Defining Roles ## Defining Roles
Roles can be defined or modified in the configuration file as a list of dictionaries. An example: Roles can be defined or modified in the configuration file as a list of dictionaries. An example:
@@ -110,6 +112,7 @@ If no scopes are defined for _new role_, JupyterHub will raise a warning. Provid
In case the role with a certain name already exists in the database, its definition and scopes will be overwritten. This holds true for all roles except the `admin` role, which cannot be overwritten; an error will be raised if trying to do so. All the role bearers permissions present in the definition will change accordingly. In case the role with a certain name already exists in the database, its definition and scopes will be overwritten. This holds true for all roles except the `admin` role, which cannot be overwritten; an error will be raised if trying to do so. All the role bearers permissions present in the definition will change accordingly.
(overriding-default-roles)= (overriding-default-roles)=
### Overriding Default Roles ### Overriding Default Roles
Role definitions can include those of the "default" roles listed above (admin excluded), Role definitions can include those of the "default" roles listed above (admin excluded),
@@ -150,6 +153,7 @@ c.JupyterHub.load_roles = [
``` ```
(removing-roles-target)= (removing-roles-target)=
## Removing Roles ## Removing Roles
Only the entities present in the role definition in the `jupyterhub_config.py` remain the role bearers. If a user, service or group is removed from the role definition, they will lose the role on the next startup. Only the entities present in the role definition in the `jupyterhub_config.py` remain the role bearers. If a user, service or group is removed from the role definition, they will lose the role on the next startup.