Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

make the default settings bundles part of the config #5589

Merged
merged 4 commits into from
Feb 16, 2023
Merged

make the default settings bundles part of the config #5589

merged 4 commits into from
Feb 16, 2023

Conversation

micbar
Copy link
Contributor

@micbar micbar commented Feb 16, 2023
edited
Loading

Description

This adds the settings bundles to the config. The default roles are still unchanged. You can now override the defaults by replacing the whole bundles list via the yaml config files. An example can be found in the Service Configuration documentation.

@mmattel This is currently only possible via the .yaml file and undocumented on purpose. We need to iterate further before we expose it in the product.

Example

# Autogenerated
# Filename: settings-config-example.yaml

tracing:
  enabled: false
  type: ""
  endpoint: ""
  collector: ""
log:
  level: ""
  pretty: false
  color: false
  file: ""
debug:
  addr: 127.0.0.1:9194
  token: ""
  pprof: false
  zpages: false
http:
  addr: 127.0.0.1:9190
  tls:
    enabled: false
    cert: ""
    key: ""
  root: /
  cors:
    allow_origins:
    - '*'
    allow_methods:
    - GET
    - POST
    - PUT
    - PATCH
    - DELETE
    - OPTIONS
    allow_headers:
    - Authorization
    - Origin
    - Content-Type
    - Accept
    - X-Requested-With
    allow_credentials: true
grpc:
  addr: 127.0.0.1:9191
  tls:
    enabled: false
    cert: ""
    key: ""
grpc_client_tls:
  mode: ""
  cacert: ""
store_type: metadata
data_path: ~/.ocis/settings
metadata_config:
  gateway_addr: 127.0.0.1:9215
  storage_addr: 127.0.0.1:9215
  system_user_id: ""
  system_user_idp: internal
  system_user_api_key: ""
bundles:
- id: 71881883-1768-46bd-a24d-a356a2afdf7f
  name: admin
  type: 2
  extension: ocis-roles
  display_name: Admin
  settings:
  - id: a53e601e-571f-4f86-8fec-d4576ef49c62
    name: role-management
    display_name: Role Management
    description: This permission gives full access to everything that is related to
      role management.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 6
      id: all
  - id: 3d58f441-4a05-42f8-9411-ef5874528ae1
    name: settings-management
    display_name: Settings Management
    description: This permission gives full access to everything that is related to
      settings management.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 6
      id: all
  - id: 7d81f103-0488-4853-bce5-98dcce36d649
    name: language-readwrite
    display_name: Permission to read and set the language (anyone)
    description: ""
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 4
      id: aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f
  - id: 8e587774-d929-4215-910b-a317b1e80f73
    name: account-management
    display_name: Account Management
    description: This permission gives full access to everything that is related to
      account management.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 6
      id: all
  - id: 522adfbe-5908-45b4-b135-41979de73245
    name: group-management
    display_name: Group Management
    description: This permission gives full access to everything that is related to
      group management.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 7
      id: all
  - id: 4e6f9709-f9e7-44f1-95d4-b762d27b7896
    name: set-space-quota
    display_name: Set Space Quota
    description: This permission allows to manage space quotas.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 79e13b30-3e22-11eb-bc51-0b9f0bad9a58
    name: create-space
    display_name: Create Space
    description: This permission allows to create new spaces.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 016f6ddd-9501-4a0a-8ebe-64a20ee8ec82
    name: list-all-spaces
    display_name: List All Spaces
    description: This permission allows list all spaces.
    value:
      permission_value:
        operation: 2
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 5de9fe0a-4bc5-4a47-b758-28f370caf169
    name: delete-all-home-spaces
    display_name: Delete All Home Spaces
    description: This permission allows to delete home spaces.
    value:
      permission_value:
        operation: 4
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: fb60b004-c1fa-4f09-bf87-55ce7d46ac61
    name: delete-all-spaces
    display_name: Delete AllSpaces
    description: This permission allows to delete all spaces.
    value:
      permission_value:
        operation: 4
        constraint: 3
    resource:
      type: 1
      id: ""
  resource:
    type: 1
    id: ""
- id: d7beeea8-8ff4-406b-8fb6-ab2dd81e6b11
  name: user
  type: 2
  extension: ocis-roles
  display_name: User
  settings:
  - id: 640e00d2-4df8-41bd-b1c2-9f30a01e0e99
    name: language-readwrite
    display_name: Permission to read and set the language (self)
    description: ""
    value:
      permission_value:
        operation: 6
        constraint: 1
    resource:
      type: 4
      id: aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f
  - id: e03070e9-4362-4cc6-a872-1c7cb2eb2b8e
    name: self-management
    display_name: Self Management
    description: This permission gives access to self management.
    value:
      permission_value:
        operation: 6
        constraint: 1
    resource:
      type: 6
      id: me
  - id: 79e13b30-3e22-11eb-bc51-0b9f0bad9a58
    name: create-space
    display_name: Create own Space
    description: This permission allows to create a space owned by the current user.
    value:
      permission_value:
        operation: 1
        constraint: 1
    resource:
      type: 1
      id: ""
  resource:
    type: 1
    id: ""
- id: 38071a68-456a-4553-846a-fa67bf5596cc
  name: guest
  type: 2
  extension: ocis-roles
  display_name: Guest
  settings:
  - id: ca878636-8b1a-4fae-8282-8617a4c13597
    name: language-readwrite
    display_name: Permission to read and set the language (self)
    description: ""
    value:
      permission_value:
        operation: 6
        constraint: 1
    resource:
      type: 4
      id: aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f
  resource:
    type: 1
    id: ""
- id: 2a506de7-99bd-4f0d-994e-c38e72c28fd9
  name: profile
  type: 1
  extension: ocis-accounts
  display_name: Profile
  settings:
  - id: aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f
    name: language
    display_name: Language
    description: User language
    value:
      single_choice_value:
        options:
        - value:
            option:
              string_value: cs
          default: false
          display_value: Czech
        - value:
            option:
              string_value: de
          default: false
          display_value: Deutsch
        - value:
            option:
              string_value: en
          default: true
          display_value: English
        - value:
            option:
              string_value: es
          default: false
          display_value: Español
        - value:
            option:
              string_value: fr
          default: false
          display_value: Français
        - value:
            option:
              string_value: gl
          default: false
          display_value: Galego
        - value:
            option:
              string_value: it
          default: false
          display_value: Italiano
    resource:
      type: 6
      id: ""
  resource:
    type: 1
    id: ""
- id: 2aadd357-682c-406b-8874-293091995fdd
  name: spaceadmin
  type: 2
  extension: ocis-roles
  display_name: Space Admin
  settings:
  - id: b44b4054-31a2-42b8-bb71-968b15cfbd4f
    name: Drive.ReadWrite
    display_name: Manage space properties
    description: This permission allows to manage space properties such as name and
      description.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: cf3faa8c-50d9-4f84-9650-ff9faf21aa9d
    name: Drive.ReadWriteEnabled
    display_name: Space ability
    description: This permission allows to enable and disable spaces.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 4e6f9709-f9e7-44f1-95d4-b762d27b7896
    name: set-space-quota
    display_name: Set Space Quota
    description: This permission allows to manage space quotas.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 79e13b30-3e22-11eb-bc51-0b9f0bad9a58
    name: create-space
    display_name: Create Space
    description: This permission allows to create new spaces.
    value:
      permission_value:
        operation: 6
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 016f6ddd-9501-4a0a-8ebe-64a20ee8ec82
    name: list-all-spaces
    display_name: List All Spaces
    description: This permission allows list all spaces.
    value:
      permission_value:
        operation: 2
        constraint: 3
    resource:
      type: 1
      id: ""
  - id: 640e00d2-4df8-41bd-b1c2-9f30a01e0e99
    name: language-readwrite
    display_name: Permission to read and set the language (self)
    description: ""
    value:
      permission_value:
        operation: 6
        constraint: 1
    resource:
      type: 4
      id: aa8cfbe5-95d4-4f7e-a032-c3c01f5f062f
  - id: e03070e9-4362-4cc6-a872-1c7cb2eb2b8e
    name: self-management
    display_name: Self Management
    description: This permission gives access to self management.
    value:
      permission_value:
        operation: 6
        constraint: 1
    resource:
      type: 6
      id: me
  - id: 79e13b30-3e22-11eb-bc51-0b9f0bad9a58
    name: create-space
    display_name: Create own Space
    description: This permission allows to create a space owned by the current user.
    value:
      permission_value:
        operation: 1
        constraint: 1
    resource:
      type: 1
      id: ""
  resource:
    type: 1
    id: ""
admin_user_id: ""
token_manager:
  jwt_secret: ""
set_default_assignments: false

How Has This Been Tested?

  • test environment:
  • test case 1:
  • test case 2:
  • ...

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Technical debt
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Documentation ticket raised:

@update-docs
Copy link

update-docs bot commented Feb 16, 2023

Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes.

@micbar micbar marked this pull request as ready for review February 16, 2023 12:30
@micbar micbar requested review from butonic and C0rby February 16, 2023 12:32
@mmattel
Copy link
Contributor

mmattel commented Feb 16, 2023

This is currently only possible via the .yaml file and undocumented on purpose.

At the moment where you have it in the yaml example file, it is visible due to the automated doc process...

butonic
butonic reviewed Feb 16, 2023
View reviewed changes
services/settings/Makefile Outdated Show resolved Hide resolved
@sonarcloud
Copy link

sonarcloud bot commented Feb 16, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

100.0% 100.0% Coverage
0.0% 0.0% Duplication

@micbar micbar merged commit eb2347e into master Feb 16, 2023
@delete-merged-branch delete-merged-branch bot deleted the settings-roles branch February 16, 2023 15:05
ownclouders pushed a commit that referenced this pull request Feb 16, 2023
@micbar
commit eb2347e
4303f11 
Merge: e21ca81 552f3b3
Author: Michael Barz <[email protected]>
Date:   Thu Feb 16 16:05:29 2023 +0100

    Merge pull request #5589 from owncloud/settings-roles

    make the default settings bundles part of the config
@micbar micbar mentioned this pull request May 3, 2023
Closed
89 tasks
@ScharfViktor ScharfViktor mentioned this pull request May 4, 2023
Closed
86 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@butonic butonic butonic approved these changes

@kulmann kulmann Awaiting requested review from kulmann kulmann is a code owner

@lookacat lookacat Awaiting requested review from lookacat

@C0rby C0rby Awaiting requested review from C0rby

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@micbar @mmattel @butonic