Forum

Thread tagged as: Problem, Add-on-development

Access to Roles when using auth plugin

When authenticating using an auth plugin as an Admin user the Roles functionality is not available in the menu within Perch or Perch Runway. For Runway this is less of an issue as a link to /perch/core/users/roles/ can be added via the Menu Manager but it is a real restriction for Perch.

Kevin Jackson

Kevin Jackson 0 points

  • 2 years ago
Drew McLellan

Drew McLellan 2638 points
Perch Support

This is intentional - the idea is that your plugin is supposed to implement the has_priv() method.

Sorry for late reply on this one, I thought I'd already responded but must have missed submit.

Can I just check if my approach fits with your views.

I have an authentication app that uses SAML to authenticate via an identity provider. The SAML process returns an email address and role (standard Perch role or a custom role that I have created) as in the example on https://docs.grabaperch.com/api/auth/.

The list of roles needs to be syncronised between Perch and the identity provider. This all works well (except the issue with Assets and external auth https://forum.grabaperch.com/forum/10-22-2018-files-not-showing-up-in-assets-when-using-auth-plugin).

When the client gets a new person in their business management team, access to Perch Admin can be seemlesly provisioned along with email, cloud storage etc. More importantly when someone leaves the company, Perch access is removed immediately through the existing "exit" proocess.

Have I missed something?

Kevin

Drew McLellan

Drew McLellan 2638 points
Perch Support

No, I don't think so. I'm not sure I understand what you're asking.

Drew

Why would I need to implement the has_priv() method if roles are defined and users are being authenticated against these roles?

Kevin