Skip to content

Commit

Permalink
Finishing manual merge
Browse files Browse the repository at this point in the history
  • Loading branch information
mtesseract committed Aug 8, 2022
1 parent a70feee commit 0ef0ea3
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 7 deletions.
9 changes: 9 additions & 0 deletions dev/env/manifests/shared/03-configmap-config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -232,6 +232,11 @@ data:
roles:
- "acs-general-engineering" # Will include all of ACS engineering. Available also within staging environment.
- "acs-fleet-manager-admin-full" # Prod rover group, will only include selected members + SREs.
- method: POST
roles:
- "acs-general-engineering" # Will include all of ACS engineering. Available also within staging environment.
- "acs-fleet-manager-admin-full" # Prod rover group, will only include selected members + SREs.
- "acs-fleet-manager-admin-write" # Prod rover group, will only include selected members + SREs.
admin-authz-roles-prod.yaml: |-
---
- method: GET
Expand All @@ -246,6 +251,10 @@ data:
- method: DELETE
roles:
- "acs-fleet-manager-admin-full" # Prod rover group, will only include selected members + SREs.
- method: POST
roles:
- "acs-fleet-manager-admin-full" # Prod rover group, will only include selected members + SREs.
- "acs-fleet-manager-admin-write" # Prod rover group, will only include selected members + SREs.
kind: ConfigMap
metadata:
name: config
Expand Down
7 changes: 0 additions & 7 deletions internal/dinosaur/pkg/routes/route_loader.go
Original file line number Diff line number Diff line change
Expand Up @@ -211,13 +211,6 @@ func (s *options) buildAPIBaseRouter(mainRouter *mux.Router, basePath string, op

adminDinosaurHandler := handlers.NewAdminDinosaurHandler(s.Dinosaur, s.AccountService, s.ProviderConfig)
adminRouter := apiV1Router.PathPrefix("/admin").Subrouter()
// TODO(ROX-11683): For now using RH SSO issuer for the admin API, but needs to be re-visited within this ticket.
// rolesMapping := map[string][]string{
// http.MethodGet: {auth.FleetManagerAdminReadRole, auth.FleetManagerAdminWriteRole, auth.FleetManagerAdminFullRole},
// http.MethodPost: {auth.FleetManagerAdminWriteRole, auth.FleetManagerAdminFullRole},
// http.MethodPatch: {auth.FleetManagerAdminWriteRole, auth.FleetManagerAdminFullRole},
// http.MethodDelete: {auth.FleetManagerAdminFullRole},
// }

// TODO(ROX-11683): For now using RH SSO issuer for the admin API, but needs to be re-visited within this ticket.
adminRouter.Use(auth.NewRequireIssuerMiddleware().RequireIssuer(
Expand Down

0 comments on commit 0ef0ea3

Please sign in to comment.