Comments (4)
jpeddicord
commented on August 15, 2024
1
Correct. It's a map/object where the keys are group names (from getGroups), and values are one of owner, editor, and viewer.
from oss-attribution-builder.
jpeddicord
commented on August 15, 2024
The error you're seeing comes from some validation logic that attempts to ensure that a project isn't left in an unusable state. This error message is general, but also affects new projects (it could be better). Basically, it's telling you that with the permissions you've specified, the project you've created has permissions that prevent you from editing it.
How to fix this is going to depend on the authorization backend you're using. The only one we ship in this project is nullauth, which is set up as a demonstration. This has a couple properties: 1) you're in a group called self:yourusername, and 2) everyone is in a group called everyone (you can see that at the bottom of the file linked).
If you wanted to replicate that (before implementing authorization), you'd want to set a key of self:username to owner, replacing the username with whatever user you're supplying for authentication. But you'll want to replace that authorization backend with something more geared for production use. :)
At Amazon we have a custom back-end set up to work with our internal SSO and LDAP systems. i.e., getGroups will query our directory for groups that the viewing user is a member of. Here's a small snippet of that:
async getGroups(user: string): Promise<string[]> {
const ldapGroups = await this._ldapsearch('ou=groups,o=.....', {
scope: 'sub',
filter: 'memberuid=' + encodeURIComponent(user),
attributes: ['cn'],
}, (obj) => `ldap:${obj.cn}`);
...
return ldapGroups;
}
Bit more to it than just that, but that's the general idea. The groups you supply in the ACL structure (when creating or modifying a project) have to have at least one with a value of owner and a key that is the output of getGroups. In other words, the key has to be one of the current user's groups.
Does that help answer your question?
from oss-attribution-builder.
sschuberth
commented on August 15, 2024
Chiming in here, when looking at
oss-attribution-builder/docs/openapi.yaml
Lines 230 to 231 in 5548c3e
and
oss-attribution-builder/docs/openapi.yaml
Lines 89 to 96 in 5548c3e
I also found it hard to understand that ACL is not actually a single string / enum, but a (hash)map (I guess that's what JavaScript generically calls an "object") of (authentication backend specific) strings to permissions, where permissions can be one of "owner", "editor" or "viewer". Correct?
from oss-attribution-builder.
jamesiri
commented on August 15, 2024
from oss-attribution-builder.
Related Issues (20)
- Figure out Gulp/build situation HOT 1
- Update npm dependencies HOT 1
- Tags should be able to present additional info to the UI HOT 1
- Tags should be able to ask for additional information in how a package is used HOT 1
- Project cloning
- Marking components as validated/confirmed/curated HOT 3
- API for adding components HOT 3
- Auto-discover license from URL HOT 1
- Auto-detect license text HOT 1
- Change package version without needing to re-enter package information
- No UI for editing project ACLs HOT 1
- Programmatic access HOT 1
- Issues with large projects HOT 1
- Trim whitespace on package names/versions HOT 1
- attribution builder accessible through localhost:8000 not 2424 HOT 3
- API: attaching packages seems to mess up packageIds HOT 2
- TAGS: transformCopyright() not working as expected with 'notice' HOT 4
- Archiving projects HOT 1
- Closing down oss-attribution-builder
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from oss-attribution-builder.