status-im
/
spiff-arena
mirror of https://github.com/status-im/spiff-arena.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into task_json

This commit is contained in:
Jon Herron 2022-11-25 15:08:37 -05:00
parent 14950a0de6 813c1176e6
commit 89ff665ac8
3 changed files with 83 additions and 139 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spiffworkflow-backend/bin/start_keycloak
View File

@ -27,7 +27,7 @@ docker run \
-e KEYCLOAK_LOGLEVEL=ALL \ -e KEYCLOAK_LOGLEVEL=ALL \
-e ROOT_LOGLEVEL=ALL \ -e ROOT_LOGLEVEL=ALL \
-e KEYCLOAK_ADMIN=admin \ -e KEYCLOAK_ADMIN=admin \
-e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:19.0.3 start-dev \ -e KEYCLOAK_ADMIN_PASSWORD=admin quay.io/keycloak/keycloak:20.0.1 start-dev \
-Dkeycloak.profile.feature.token_exchange=enabled \ -Dkeycloak.profile.feature.token_exchange=enabled \
-Dkeycloak.profile.feature.admin_fine_grained_authz=enabled -Dkeycloak.profile.feature.admin_fine_grained_authz=enabled

120
spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/development.yml
View File

@ -58,28 +58,33 @@ groups:
lead1, lead1,
] ]
demo:
users:
[
core,
fin,
fin1,
lead,
lead1
]
core-contributor: core-contributor:
users: [core] users: [core]
permissions: permissions:
admin:
groups: [admin]
users: []
allowed_permissions: [create, read, update, delete]
uri: /*
tasks-crud: tasks-crud:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [create, read, update, delete] allowed_permissions: [create, read, update, delete]
uri: /v1.0/tasks/* uri: /v1.0/tasks/*
admin: # read all for everybody
groups: [admin]
users: []
allowed_permissions: [create, read, update, delete, list, instantiate]
uri: /*
read-all:
groups: ["Finance Team", "Project Lead", admin]
users: []
allowed_permissions: [read]
uri: /*
read-all-process-groups: read-all-process-groups:
groups: [everybody] groups: [everybody]
users: [] users: []
@ -90,17 +95,18 @@ permissions:
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-models/* uri: /v1.0/process-models/*
read-process-instance-list: read-all-process-instance:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-instances uri: /v1.0/process-instances/*
read-process-instance-reports: read-process-instance-reports:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-instances/reports/* uri: /v1.0/process-instances/reports/*
manage-procurement-admin: manage-procurement-admin:
groups: ["Project Lead"] groups: ["Project Lead"]
users: [] users: []
@ -136,89 +142,45 @@ permissions:
groups: ["Finance Team"] groups: ["Finance Team"]
users: [] users: []
allowed_permissions: [create, read, update, delete] allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-groups/manage-procurement:procurement:*
finance-admin-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management/*
finance-admin-models:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:*
finance-admin-models-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management/*
finance-admin-instances:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management:*
finance-admin-instances-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management/*
core-admin: demo-models-instantiate-vendor-block:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-block/process-instances
core-admin-slash: demo-models-instantiate-vendor-change:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-change/process-instances
core-admin-models: demo-models-instantiate-vendor-creation:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-creation/process-instances
core-admin-models-slash: demo-models-instantiate-vendor-core-invoice_appoval:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-models/manage-procurement:procurement:core-contributor-invoice-management:cc-invoice-approval/process-instances
core-admin-models-instantiate: core-admin-models-instantiate:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:invoice-approval/process-instances uri: /v1.0/process-models/manage-procurement:procurement:core-contributor-invoice-management:cc-invoice-approval/process-instances
core-admin-instances: core-admin-instances:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create, read] allowed_permissions: [create, read]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-instances/manage-procurement:procurement:core-contributor-invoice-management:*
core-admin-instances-slash: core-admin-instances-slash:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create, read] allowed_permissions: [create, read]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-instances/manage-procurement:procurement:core-contributor-invoice-management/*
core1-admin:
groups: ["core-contributor"]
users: []
allowed_permissions: [read]
uri: /v1.0/process-groups/misc:category_number_one:*
core1-admin-slash:
groups: ["core-contributor"]
users: []
allowed_permissions: [read]
uri: /v1.0/process-groups/misc:category_number_one/*
core1-admin-models:
groups: ["core-contributor"]
users: []
allowed_permissions: [read]
uri: /v1.0/process-models/misc:category_number_one:process-model-with-form:*
core1-admin-models-slash:
groups: ["core-contributor"]
users: []
allowed_permissions: [read]
uri: /v1.0/process-models/misc:category_number_one:process-model-with-form/*
core1-admin-models-instantiate: core1-admin-models-instantiate:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []

100
spiffworkflow-backend/src/spiffworkflow_backend/config/permissions/terraform_deployed_environment.yml
View File

@ -58,28 +58,33 @@ groups:
lead1, lead1,
] ]
demo:
users:
[
core,
fin,
fin1,
lead,
lead1
]
core-contributor: core-contributor:
users: [core] users: [core]
permissions: permissions:
admin:
groups: [admin]
users: []
allowed_permissions: [create, read, update, delete]
uri: /*
tasks-crud: tasks-crud:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [create, read, update, delete] allowed_permissions: [create, read, update, delete]
uri: /v1.0/tasks/* uri: /v1.0/tasks/*
admin: # read all for everybody
groups: [admin]
users: []
allowed_permissions: [create, read, update, delete, list, instantiate]
uri: /*
read-all:
groups: ["Finance Team", "Project Lead", admin]
users: []
allowed_permissions: [read]
uri: /*
read-all-process-groups: read-all-process-groups:
groups: [everybody] groups: [everybody]
users: [] users: []
@ -90,17 +95,18 @@ permissions:
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-models/* uri: /v1.0/process-models/*
read-process-instance-list: read-all-process-instance:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-instances uri: /v1.0/process-instances/*
read-process-instance-reports: read-process-instance-reports:
groups: [everybody] groups: [everybody]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [read]
uri: /v1.0/process-instances/reports/* uri: /v1.0/process-instances/reports/*
manage-procurement-admin: manage-procurement-admin:
groups: ["Project Lead"] groups: ["Project Lead"]
users: [] users: []
@ -136,65 +142,41 @@ permissions:
groups: ["Finance Team"] groups: ["Finance Team"]
users: [] users: []
allowed_permissions: [create, read, update, delete] allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-groups/manage-procurement:procurement:*
finance-admin-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management/*
finance-admin-models:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:*
finance-admin-models-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management/*
finance-admin-instances:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management:*
finance-admin-instances-slash:
groups: ["Finance Team"]
users: []
allowed_permissions: [create, read, update, delete]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management/*
core-admin: demo-models-instantiate-vendor-block:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-block/process-instances
core-admin-slash: demo-models-instantiate-vendor-change:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-groups/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-change/process-instances
core-admin-models: demo-models-instantiate-vendor-creation:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-models/manage-procurement:vendor-lifecycle-management:vendor-md-maintenance:vendor-md-creation/process-instances
core-admin-models-slash: demo-models-instantiate-vendor-core-invoice_appoval:
groups: ["core-contributor"] groups: ["demo"]
users: [] users: []
allowed_permissions: [read] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-models/manage-procurement:procurement:core-contributor-invoice-management:cc-invoice-approval/process-instances
core-admin-models-instantiate: core-admin-models-instantiate:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create] allowed_permissions: [create]
uri: /v1.0/process-models/manage-procurement:procurement:vendor-invoice-management:invoice-approval/process-instances uri: /v1.0/process-models/manage-procurement:procurement:core-contributor-invoice-management:cc-invoice-approval/process-instances
core-admin-instances: core-admin-instances:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create, read] allowed_permissions: [create, read]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management:* uri: /v1.0/process-instances/manage-procurement:procurement:core-contributor-invoice-management:*
core-admin-instances-slash: core-admin-instances-slash:
groups: ["core-contributor"] groups: ["core-contributor"]
users: [] users: []
allowed_permissions: [create, read] allowed_permissions: [create, read]
uri: /v1.0/process-instances/manage-procurement:procurement:vendor-invoice-management/* uri: /v1.0/process-instances/manage-procurement:procurement:core-contributor-invoice-management/*