Seperate user and non-user roles #1006
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Changes the access policy tab of various details modals. User roles get displayed in a seperate table from the other roles, with user name and email. This should make it more intuitive to "give someone access to a video/ series". Functionality should not change, the resulting ACLs will look the same as before. Caveat 1: If roles are sanitized, we cannot reliably derive the user from their user role. Therefore, this feature will be disabled if user role sanitization is enabled in Opencast. Caveat 2: I did not find a performant way to query for user information for each and every user. Therefore, if there are upwards of multiple thousands of users, the access policy tab will take several seconds to load.
|
Use Run test server using develop.opencast.org as backend: Specify a different backend like stable.opencast.org: It may take a few seconds for the interface to spin up. |
|
This pull request is deployed at test.admin-interface.opencast.org/1006/2024-12-12_16-23-24/ . |
|
This pull request has conflicts ☹ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #905.
Changes the access policy tab of various details modals. User roles get displayed in a seperate table from the other roles, with user name and email. This should make it more intuitive to "give someone access to a video/ series". Functionality should not change, the resulting ACLs will look the same as before.
Caveat 1: If roles are sanitized, we cannot reliably derive the user from their user role. Therefore, this feature will be disabled if user role sanitization is enabled in Opencast. (The old admin ui allowed for sanitized roles and did some best effort guesswork to derive users from roles. Even though that approach worked for many, I'd rather not reintroduce such brittle code here.)
Caveat 2: I did not find a performant way to query for user information for each and every user. Therefore, if there are upwards of multiple thousands of users, the access policy tab will take several seconds to load.
Requires backend changes. Will break the UI otherwise. opencast/opencast#6382
How to test this patch
As this requires backend changes, the automatically generated stuff from github-actions below will not work.
Install the backend PR in your Opencast. Run this PR against your Opencast, like so
PROXY_TARGET=http://localhost:8080 npm start. Thesanitizeflag can be found in your Opencast configuration files inetc/org.opencastproject.userdirectory.UserIdRoleProvider.cfg.Screenshots:
