Merge branch 'rbac' into fix_role_init

0mar
2021-05-05 16:01:03 +02:00
2 changed files with 19 additions and 10 deletions


@@ -23,13 +23,9 @@ def get_default_roles():
'name': 'admin', 'name': 'admin',
'description': 'Admin privileges (currently can do everything)', 'description': 'Admin privileges (currently can do everything)',
'scopes': [ 'scopes': [
'all',
'users',
'users:servers',
'users:tokens',
'admin:users', 'admin:users',
'admin:users:servers', 'admin:users:servers',
'groups', 'users:tokens',
'admin:groups', 'admin:groups',
'read:services', 'read:services',
'read:hub', 'read:hub',
@@ -87,6 +83,7 @@ def _get_scope_hierarchy():
scopes = { scopes = {
'self': None, 'self': None,
'all': None, 'all': None,
'admin:users': ['admin:users:auth_state', 'users'],
'users': ['read:users', 'users:activity'], 'users': ['read:users', 'users:activity'],
'read:users': [ 'read:users': [
'read:users:name', 'read:users:name',
@@ -95,12 +92,11 @@ def _get_scope_hierarchy():
], ],
'users:activity': ['read:users:activity'], 'users:activity': ['read:users:activity'],
'users:tokens': ['read:users:tokens'], 'users:tokens': ['read:users:tokens'],
'admin:users': ['admin:users:auth_state'], 'admin:users:servers': ['admin:users:server_state', 'users:servers'],
'admin:users:servers': ['admin:users:server_state'],
'groups': ['read:groups'],
'users:servers': ['read:users:servers'], 'users:servers': ['read:users:servers'],
'read:users:servers': ['read:users:name'], 'read:users:servers': ['read:users:name'],
'admin:groups': None, 'admin:groups': ['groups'],
'groups': ['read:groups'],
'read:services': None, 'read:services': None,
'read:hub': None, 'read:hub': None,
'proxy': None, 'proxy': None,
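Review bot: The new hierarchy entries `'admin:users': ['admin:users:auth_state', 'users']`, `'admin:users:servers': ['admin:users:server_state', 'users:servers']` and `'admin:groups': ['groups']` widen every role or token that already holds one of those admin scopes, not only the default admin role trimmed in the first hunk. It is worth confirming that no existing grant relied on `admin:users` or `admin:groups` being narrower than `users` or `groups`. The admin role also no longer stores `users`, `users:servers` or `groups` literally, so any permission check that reads a role's stored scopes without expanding them through `_get_scope_hierarchy` would now deny them. `users:tokens` stays on the role because nothing visible in the hierarchy implies it, and a comment on the scope list such as `# users:tokens is not implied by admin:users; keep it explicit` would record that. The description still reads "currently can do everything" although `'all'` is dropped from the list, so it may be stale; both function bodies continue outside the hunks.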


@@ -177,6 +177,19 @@ def test_orm_roles_delete_cascade(db):
@mark.parametrize( @mark.parametrize(
"scopes, subscopes", "scopes, subscopes",
[ [
(
['admin:users'],
{
'admin:users',
'admin:users:auth_state',
'users',
'read:users',
'users:activity',
'read:users:name',
'read:users:groups',
'read:users:activity',
},
),
( (
['users'], ['users'],
{ {
@@ -198,7 +211,7 @@ def test_orm_roles_delete_cascade(db):
}, },
), ),
(['read:users:servers'], {'read:users:servers', 'read:users:name'}), (['read:users:servers'], {'read:users:servers', 'read:users:name'}),
(['admin:groups'], {'admin:groups'}), (['admin:groups'], {'admin:groups', 'groups', 'read:groups'}),
( (
['users:tokens!group=hobbits'], ['users:tokens!group=hobbits'],
{'users:tokens!group=hobbits', 'read:users:tokens!group=hobbits'}, {'users:tokens!group=hobbits', 'read:users:tokens!group=hobbits'},
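Review bot: None of the visible parametrized cases exercises the `admin:users:servers` → `users:servers` edge that the same commit adds to the hierarchy, so a regression in that expansion would go unnoticed; the added and changed cases cover only `admin:users` and `admin:groups`. A case such as `(['admin:users:servers'], {'admin:users:servers', 'admin:users:server_state', 'users:servers', 'read:users:servers', 'read:users:name'}),` would pin it, assuming `admin:users:server_state` has no children of its own. The parametrize list continues outside the hunks, so such a case may already exist there.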