Re: [[email protected]] How to add permissions for multiple roles?

Tue, 12 Dec 2017 09:00:12 -0800 

Thanks.

On Tue, Dec 12, 2017 at 2:39 AM, Pierre Tardy <[email protected]> wrote:

> Hi Chris,
> You need to use defaultDeny=True for all but the last matcher of the same
> kind.
> http://docs.buildbot.net/latest/manual/cfg-www.html#endpoint-matchers
>
>       allowRules=[
>         util.StopBuildEndpointMatcher(role="admins"),
>         util.ForceBuildEndpointMatcher(role="admins"),
>         util.RebuildBuildEndpointMatcher(role="admins",
> defaultDeny=False),
>         util.RebuildBuildEndpointMatcher(role="developers")
>       ],
>
> I also added the AnyControlEndpointMatcher to simplify the rule, and be
> more future proof.
>
>       allowRules=[
>         util.RebuildBuildEndpointMatcher(role="developers",
> defaultDeny=False)
>         util.AnyControlEndpointMatcher(role="admins")
>       ],
>
>
> On Mon, Dec 11, 2017 at 11:48 PM Chris Spencer <[email protected]>
> wrote:
>
>> How do you grant the permission to "rebuild" to multiple groups? I have
>> an "admin" group with all permissions, but I want to give a "developers"
>> group this permission as well, but not the other permissions.
>>
>> So I tried adding `RebuildBuildEndpointMatcher(role="developers")` to my
>> Authz's allowRules list like:
>>
>>     authz = util.Authz(
>>       allowRules=[
>>         util.StopBuildEndpointMatcher(role="admins"),
>>         util.ForceBuildEndpointMatcher(role="admins"),
>>         util.RebuildBuildEndpointMatcher(role="admins"),
>>         util.RebuildBuildEndpointMatcher(role="developers") # added this
>>       ],
>>       roleMatchers=[
>>         util.RolesFromEmails(admins=["...admin emails..."]),
>>         util.RolesFromUsername(roles=["admins"], usernames=["...admin
>> usernames..."]),
>>         util.RolesFromUsername(roles=["developers"],
>> usernames=["...developer usernames..."])
>>       ]
>>     )
>>
>> However, when a developer clicks the "Rebuild" they still get the error
>> about not being an admin.
>>
>> Why isn't this configuration working?
>> _______________________________________________
>> users mailing list
>> [email protected]
>> https://lists.buildbot.net/mailman/listinfo/users
>
>

_______________________________________________
users mailing list
[email protected]
https://lists.buildbot.net/mailman/listinfo/users

Reply via email to