diff options
author | Marcello Stanisci <stanisci.m@gmail.com> | 2018-12-04 12:36:33 +0100 |
---|---|---|
committer | Marcello Stanisci <stanisci.m@gmail.com> | 2018-12-04 12:37:03 +0100 |
commit | f2ed994ed9b81f219c67579cecf6288ec37150ef (patch) | |
tree | ceb2c7639c7fe41142043a42d64842ae80542e23 /buildbot | |
parent | 29ba2c951366744ebea5afca9808e1a149670a0f (diff) | |
download | deployment-f2ed994ed9b81f219c67579cecf6288ec37150ef.tar.gz deployment-f2ed994ed9b81f219c67579cecf6288ec37150ef.tar.bz2 deployment-f2ed994ed9b81f219c67579cecf6288ec37150ef.zip |
Configuring Authz as of the latest API.
Diffstat (limited to 'buildbot')
-rw-r--r-- | buildbot/master.cfg | 21 |
1 files changed, 15 insertions, 6 deletions
diff --git a/buildbot/master.cfg b/buildbot/master.cfg index 908ea15..f6699b9 100644 --- a/buildbot/master.cfg +++ b/buildbot/master.cfg @@ -455,12 +455,20 @@ c["titleURL"] = "https://taler.net" c["buildbotURL"] = "https://buildbot.taler.net/" from taler_bb_userpass_db import USER_PASSWORD_DB -from buildbot.www.authz import authz -authz_cfg = authz.Authz(auth=util.UserPasswordAuth(USER_PASSWORD_DB), - forceBuild="auth", - cancelPendingBuild=True, - stopBuild=True) +authz = util.authz.Authz( + allowRules=[ + # Prevent _any_ action from being taken. + util.AnyEndpointMatcher(role="norole", + defaultDeny=False), + # Unlock force-builds for admins. + util.ForceBuildEndpointMatcher(role=["admins"], + builder="switcher-builder")], + roleMarchers=[ + util.RolesFromUsername(roles="admins", + usernames=["marcello", + "florian", + "christian"])]) # minimalistic config to activate new web UI c["www"] = { @@ -470,7 +478,8 @@ c["www"] = { "console_view":{}}, "allowed_origins": ["https://*.taler.net"], "avatar_methods": [], - "authz": authz_cfg} + "auth": util.UserPasswordAuth(USER_PASSWORD_DB), + "authz": authz} ####### DB URL |