Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-18 14:38:53 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 57
fleet/tools/saml/users.php
Lucas Manuel Rodriguez 9864048ee9
Allow setting user roles during JIT provisioning (#10193) 
#8411

PS: I've opened #10209 to solve the issue with Golang Code Coverage CI
checks.

- [X] Changes file added for user-visible changes in `changes/` or
`orbit/changes/`.
See [Changes
files](https://fleetdm.com/docs/contributing/committing-changes#changes-files)
for more information.
- [x] Documented any API changes (docs/Using-Fleet/REST-API.md or
docs/Contributing/API-for-contributors.md)
- ~[] Documented any permissions changes~
- ~[ ] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)~
- ~[ ] Added support on fleet's osquery simulator `cmd/osquery-perf` for
new osquery data ingestion features.~
- [X] Added/updated tests
- [x] Manual QA for all new/changed functionality
  - ~For Orbit and Fleet Desktop changes:~
- ~[ ] Manual QA must be performed in the three main OSs, macOS, Windows
and Linux.~
- ~[ ] Auto-update manual QA, from released version of component to new
version (see [tools/tuf/test](../tools/tuf/test/README.md)).~
2023-03-01 20:18:40 -03:00

44 lines
1.7 KiB
PHP
Raw Blame History

<?php
$config = array(
'admin' => array(
'core:AdminPassword',
),
'example-userpass' => array(
'exampleauth:UserPass',
// username: sso_user
// password: user123#
'sso_user:user123#' => array(
'uid' => array('1'),
'eduPersonAffiliation' => array('group1'),
'displayname' => array('SSO User 1'),
'email' => 'sso_user@example.com',
),
'sso_user2:user123#' => array(
'uid' => array('2'),
'eduPersonAffiliation' => array('group1'),
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => array('SSO User 2'),
'email' => 'sso_user2@example.com',
),
// sso_user_3_global_admin has FLEET_JIT_USER_ROLE_GLOBAL attribute to be added as global admin.
'sso_user_3_global_admin:user123#' => array(
'uid' => array('3'),
'eduPersonAffiliation' => array('group1'),
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => array('SSO User 3'),
'email' => 'sso_user_3_global_admin@example.com',
'FLEET_JIT_USER_ROLE_GLOBAL' => 'admin',
),
// sso_team_user_3 has FLEET_JIT_USER_ROLE_TEAM_1 attribute to be added as maintainer
// of team with ID 1, its login will fail if team with ID 1 doesn't exist.
'sso_user_4_team_maintainer:user123#' => array(
'uid' => array('4'),
'eduPersonAffiliation' => array('group1'),
'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name' => array('SSO User 4'),
'email' => 'sso_user_4_team_maintainer@example.com',
'FLEET_JIT_USER_ROLE_TEAM_1' => 'maintainer',
),
),
);
Reference in a new issue View git blame Copy permalink