Registry roles
| 🌐 This document is available in both English and Ukrainian. Use the language toggle in the top right corner to switch between versions. |
The system allows for the extension of the role list for citizens and officers. Eventually, Regulations roles will be used to configure access map on the physical model level, or configure access to separate Regulations Business Processes.
| Learn more about configuring access to Business Processes here. |
1. File structure
Regulations roles are part of Regulations, and are stored in the roles directory. Roles for citizens and officers are stored in the corresponding files - officer.yml and citizen.yml.
roles:
- name: officer-first-rank
description: Role for first-rank officers
- name: officer-second-rank
description: Role for second-rank officers1.1. Configuration elements structure
1.1.1. Role
| Name | Scheme | Comment |
|---|---|---|
name |
string |
Name of Regulations role. Must have a value unique to the realm. |
description (optional) |
string |
Short role description |
2. Publishing changes
Regulations roles are subject to the general Registry regulations operation rules in terms of changes monitoring and publication. In case there are changes to regulations roles files (roles/officer.yml, roles/citizen.yml), the changes publication pipeline will be started. Pipeline execution includes the create-keycloak-roles step that is responsible for regulations roles changes publication. After successful execution of this step the system will have regulations roles according to the files contents.
| Kubernetes CR KeycloakRealmRoleBatch is used as part of API for role configuration: Keycloak operator |