Improved sharing of servers with OAuth2

[rijnhard]

relates to https://github.com/pgadmin-org/pgadmin4/issues/4639

If I am controlling access with Oauth, then there should be a way to have a server shared for a specific group of users (assuming they do have specifically assigned roles).

Basically what I am trying to avoid is passing around credentials, a user should just be able to login and see what is shared with them. similar to what Grafana does with role_attribute_path or what Portainer does group mappings (albeit a bit poorly documented).

Currently, even with shared servers in the servers.json you are still required to pass around credentials.

side note: this is made worse because there is no effective way for you to use PassFile in a docker container with a docker secret, because of where it reads the file from (storage directory).

[bputt-e]

same problem with webserver auth

[pravesh-sharma]

Hi @rijnhard, You can use shared storage to share passfile and then add a shared server in servers.json. Currently, pgAdmin has only 2 roles- Administrator and User.

[akshay-joshi]

No response from the author, hence closing it.

[deefdragon]

Not the author, but commenting on this. Ive attempted to use the passfile & shared storage method mentioned, but Ive been unable to get it to function such that I only need to sign in the once with SSO. (that said, that is likely a me problem more than anything)

Regardless, I feel like the ability to support different users with different permissions/roles/servers in the pass file, or via some other method, that a user can log into can log into based on OAUTH should be considered. Unsure if that falls into a different issue for "add user defined roles" tho.