Unless I'm missing something, this sounds like you'd to assign the user into an administrative group and give that administrative group the JCR repository permissions as well as adding the administrative group into the groups list for the WebConsole Security Provider: https://sling.apache.org/documentation/bundles/web-console-extensions.html#security-provider-orgapacheslingextensionswebconsolesecurityprovider
Ideally, you could do this with a callback after the keycloak authentication using a service user. On Wed, Feb 3, 2021 at 11:15 AM Lisa Davidson <[email protected]> wrote: > Eric, > > I'm integrating with keycloak. After the user is authenticated, if user > does not exist, I create a new user via UserManager. > > I currently have a need to be able to grant a particular user admin rights > so that it can access > Browse Content > System Console > System Configuration > > > > > > On Tue, Feb 2, 2021 at 5:21 PM Eric Norman <[email protected]> wrote: > > > Hi Lisa, > > > > Can you provide some additional clarification on what you mean by "to be > > admin"? Are you saying you want to replace the autocreated "admin" user > > with another existing user who then becomes the superuser for the > > repository? Or maybe you meant something else? > > > > Regards, > > Eric > > > > On Tue, Feb 2, 2021 at 12:56 PM Lisa Davidson <[email protected]> wrote: > > > > > I have a need to update an existing user to be admin. For some reason, > I > > > can't find a way to do that in either /bin/users.html/ web console on > the > > > UI or via the REST interface here > > > > > > > > > https://sling.apache.org/documentation/bundles/managing-users-and-groups-jackrabbit-usermanager.html > > > > > > > > > Any suggestions? > > > -- > > > Lisa Davidson, RHCE > > > Sr. Software Engineer > > > Red Hat, Inc. > > > > > > > > -- > Lisa Davidson, RHCE > Sr. Software Engineer > Red Hat, Inc. >
