Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
C
config_role_split
Manage
Activity
Members
Labels
Plan
Wiki
Custom issue tracker
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Model registry
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
project
config_role_split
Merge requests
!6
Improved the readability of the README file.
Code
Review changes
Check out branch
Download
Patches
Plain diff
Open
Improved the readability of the README file.
issue/config_role_split-3520263:3520263-typo-in-readme
into
8.x-1.x
Overview
0
Commits
1
Pipelines
0
Changes
1
Open
Nicholas Mangold
requested to merge
issue/config_role_split-3520263:3520263-typo-in-readme
into
8.x-1.x
1 month ago
Overview
0
Commits
1
Pipelines
0
Changes
1
Expand
Closes
#3520263
0
0
Merge request reports
Compare
8.x-1.x
8.x-1.x (HEAD)
and
latest version
latest version
d2c2734a
1 commit,
1 month ago
1 file
+
27
−
20
Inline
Compare changes
Side-by-side
Inline
Show whitespace changes
Show one file at a time
README.md
+
27
−
20
Options
@@ -7,38 +7,45 @@ configuration.
## Status and Weight
The status and weight are used by Config Filter. Only active filters are
applied and they are sorted by weight: Smaller (or negative) weights first
applied
,
and they are sorted by weight: Smaller (or negative) weights first
bigger weights last (they sink to the bottom of the list.)
## Modes
The following modes are currently implemented:
The module supports the following modes for handling role permissions during
configuration synchronization:
### Split
The roles and permissions are removed from the export and maintained only in
the configuration of the role split filter. When importing, the permissions
defined in the role are merged with the ones defined in the filter. When
exporting the permissions are
*split*
and the role will not have the permission
all the while the role in the active configuration will have it.
**Import behavior**
: On import, permissions from both the role and the role
split filter are merged into the active configuration. The active role ends up
with the combined set of permissions, even though the export omits the ones
managed by the filter.
**Export behavior**
: Permissions assigned to roles are removed from the
export and managed exclusively through the role split filter configuration.
This means exported roles will appear to lack those permissions.
### Fork
The permissions defined in the filter configuration are merged when importing.
But when exporting the exported role is cheched first and permissions that
are already exported will not be removed from the export. Permissions that
are active in the sites configuration and defined in the filter but not in
the role in the sync directory are not added to the role in the sync directory.
**Import behavior**
: Permissions defined in the role split filter are merged
into the role during import.
**Export behavior**
: When exporting, existing permissions in the exported
role are preserved. Permissions present in the site's active configuration
and the filter—but not already in the exported role—are not added.
Essentially, only what's already in the sync directory is retained.
### Exclude
The permissions that are attached to a role in the sync directory that are
defined in a exclude filter are removed and will not be part of the active
configuration when importing. When exporting the permissions which have been
exluded will be added back to the role in the sync directory, provided it
already has them there.
**Import behavior**
: Permissions listed in the exclude filter and assigned to
a role in the sync directory are removed during import and won’t be part of
the active configuration.
**Export behavior**
: During export, any previously excluded permissions
that exist in the sync directory's role definition are re-added to the role.
## Roles
Currently the form for entering the role configuration is very crude but works.
Currently
,
the form for entering the role configuration is very crude but works.
The roles configuration should be an array of roles with
a
nd array of
The roles configuration should be an array of roles with n
este
d array
s
of
permissions. Not all the sites roles or all the active permissions need to be
listed, only the ones the filter should interact with.
@@ -51,5 +58,5 @@ authenticated:
-
'
access
user
profiles'
```
The roles should be the id of the role and the permissions should be the same
The roles should be the id of the role
,
and the permissions should be the same
string as the permission id.
Loading