hazza/jupyterhub
1
0
Fork 0
mirror of https://github.com/jupyterhub/jupyterhub.git synced 2025-10-08 10:34:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
3cfb14b9e5ae272be85fa1ca75ee53e4654716e6
jupyterhub/docs/source/rbac
History
Min RK 7e22614a4e [squash me] token progress 
tokens have scopes

    instead of roles, which allow tokens to change permissions over time

    This is mostly a low-level change,
    with little outward-facing effects.

    - on upgrade, evaluate all token role assignments to their current scopes,
      and store those scopes on the tokens
    - assigning roles to tokens still works, but scopes are evaluated and validated immediately,
      rather than lazily stored as roles
    - no longer need to check for role permission changes on startup, because token permissions aren't affected
    - move a few scope utilities from roles to scopes
    - oauth allows specifying scopes, not just roles.
      But these are still at the level specified in roles,
      not fully-resolved scopes.
    - more granular APIs for working with scopes and roles

    Still to do later:

    - expose scopes config for Spawner/service
    - compute 'full' intersection of requested scopes, rather than on the 'raw' scope list in roles
2022-03-24 15:05:50 +01:00
..
generate-scope-table.py
Make the generate-scope-table script autoformat its output
2022-01-10 10:48:01 +01:00
index.md
Refactored scope names and updated docs to reflect this
2021-06-15 13:00:15 +02:00
roles.md
[squash me] token progress
2022-03-24 15:05:50 +01:00
scopes.md
improve custom scope docstrings
2022-03-16 08:44:52 +01:00
tech-implementation.md
[squash me] token progress
2022-03-24 15:05:50 +01:00
upgrade.md
Update upgrade section
2021-06-23 11:44:40 +02:00
use-cases.md
Refactored scope names and updated docs to reflect this
2021-06-15 13:00:15 +02:00