codechecker icon indicating copy to clipboard operation
codechecker copied to clipboard

Published 20 hours ago verified publisher icon Ericsson

CodeChecker internal group membership handling

Open dkrupp opened this issue 6 months ago • 0 comments

This is the phase II authorization part of the oauth based authentication #4160

Requirements:

Group adminisration should be only possible with SUPERUSER global permission. See https://github.com/Ericsson/codechecker/blob/master/docs/web/permissions.md#superuser

It should be possible to add users (by an admin) in the web GUI of CodeChecker. It should be possible to add groups too. It should be possible to assign users to groups. group memberships shoudl be stored in the database It should be possible to list group memberships. It should be possible to list users with the last login date.

The user can define a list of groups of which the users must be a member of to log in in server_config.json :

  "authentication": {
    "enabled" : true,
    "realm_name" : "CodeChecker Privileged server",
    "realm_error" : "Access requires valid credentials.",
    "session_lifetime" : 300,
    "refresh_time" : 60,
    "logins_until_cleanup" : 30,
    "allowed_groups" : ["users","admins"]

If the list is empty, all users are allowed to log in.

Minimum required fields for user addition to a group: Email address (unique identifier of a user)

dkrupp avatar Jul 31 '24 12:07 dkrupp