Skip to content

feat: add global viewer role and global token support#596

Open
sap-yuan wants to merge 1 commit intomasterfrom
feat/global-viewer-role
Open

feat: add global viewer role and global token support#596
sap-yuan wants to merge 1 commit intomasterfrom
feat/global-viewer-role

Conversation

@sap-yuan
Copy link
Collaborator

@sap-yuan sap-yuan commented Mar 20, 2026

  • Add 'viewer' role (level 15) to OPA admin policy
  • Allow viewer role GET-only access to all resources
  • Add global_token database table (migration 00045)
  • Add encode_global_token() in token.py
  • Support 'global' token type in ibflask.py normalize_token()
  • Add global token CRUD API endpoints under /admin/global-tokens
  • Update OPA projects policy for global token read access

@sap-yuan
feat: add global viewer role and global token support
f3f932b 
- Add 'viewer' role (level 15) to OPA admin policy
- Allow viewer role GET-only access to all resources
- Add global_token database table (migration 00045)
- Add encode_global_token() in token.py
- Support 'global' token type in ibflask.py normalize_token()
- Add global token CRUD API endpoints under /admin/global-tokens
- Update OPA projects policy for global token read access
@sap-yuan sap-yuan self-assigned this Mar 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@sap-yuan sap-yuan

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@sap-yuan