[ARVADOS] updated: 2.1.0-1714-gf06e73c6a
Git user
git at public.arvados.org
Mon Dec 13 20:01:43 UTC 2021
Summary of changes:
doc/api/permission-model.html.textile.liquid | 1 +
1 file changed, 1 insertion(+)
via f06e73c6aa74c076d2a263442542b628e640307b (commit)
from b7fb5c4593dcc679f5343f0f55b3774a7bcfe499 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit f06e73c6aa74c076d2a263442542b628e640307b
Author: Tom Clegg <tom at curii.com>
Date: Mon Dec 13 15:01:18 2021 -0500
18277: Note configurable role visibility in permission model doc.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/doc/api/permission-model.html.textile.liquid b/doc/api/permission-model.html.textile.liquid
index a44d2eefa..faa160248 100644
--- a/doc/api/permission-model.html.textile.liquid
+++ b/doc/api/permission-model.html.textile.liquid
@@ -77,6 +77,7 @@ A "role" is a subtype of Group that is treated in Workbench as a group of users
* All roles are owned by the system user.
* The name of a role is unique across a single Arvados cluster.
* Roles can be both targets (@head_uuid@) and origins (@tail_uuid@) of permission links.
+* By default, all roles are visible to all active users. However, if the configuration entry @Users.RoleGroupsVisibleToAll@ is @false@, visibility is determined by normal permission rules, _i.e._, a role is only visible to users who have that role, and to admins.
h3. Access through Roles
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list