Skip to content

Commit

Permalink
Manage User should not read roles
Browse files Browse the repository at this point in the history
  • Loading branch information
@peterMuriuki
peterMuriuki committed Nov 21, 2024
1 parent c04863a commit 391f90b
Showing 1 changed file with 1 addition and 4 deletions.
5 changes: 1 addition & 4 deletions packages/rbac/src/adapters/keycloakAdapter.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,10 +44,7 @@ export const parseFHirRoles = (role: string) => {
const keycloakRoleMappings: Record<string, UserRole> = {
'realm-admin': new UserRole(['iam_group', 'iam_role', 'iam_user'], Permit.MANAGE),
'view-users': new UserRole(['iam_user'], Permit.READ),
'manage-users': UserRole.combineRoles([
new UserRole(['iam_user'], Permit.MANAGE),
new UserRole(['iam_role', 'iam_group'], Permit.READ),
]),
'manage-users': UserRole.combineRoles([new UserRole(['iam_user'], Permit.MANAGE)]),
'query-groups': new UserRole(['iam_group'], Permit.READ),
'view-groups': new UserRole(['iam_group'], Permit.READ),
'query-users': new UserRole(['iam_user'], Permit.READ),
Expand Down

0 comments on commit 391f90b

Please sign in to comment.