-
Notifications
You must be signed in to change notification settings - Fork 15
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Discussion: enable role based/fine grained control over commands #47
Comments
Hi @CoolCold; thanks for opening the discussion on this. To take this in a few parts:
This could be achieved by using the 'roles' and actions functionality in Corebot. See the 'security' section in the docs and the examples for how security can be set up to limit actions to particular users or roles.
This should be possible by enabling the option to trigger the job as the slack user. Please do let me know how you get on. |
hello @outofcoffee ! for 2:
I've reread example, but cannot see how to do it, to my understanding you need a list of auth tokens per every user or some external check in Rundeck. |
Let's imagine we have mixed Slack installation - devs, support, admins, managers, even TOP level strangers in something like #firefighters channels. Limit the execution of commands to particular set of users would be really nice - i.e. 1st line support can do some "dmesg" commands, but not "docker restart ...".
It would be much nicer to have it via some binding to Rundeck itself, which integrates with LDAP/AD and has definition of roles on it's own, just need to pass the handle of user, but as I understand it's only limited to TOKEN auth - either token is right or wrong.
Would like to listen to your commends/ideas.
The text was updated successfully, but these errors were encountered: