Skip to content

Commit

Permalink
Add ability to define a Default Role (ansible-ThoTeam#401)
Browse files Browse the repository at this point in the history
Support for default role capability

---------

Co-authored-by: Olivier Clavel <[email protected]>
  • Loading branch information
brianveltman and zeitounator authored Jan 9, 2024
1 parent 579b530 commit acb8dd6
Show file tree
Hide file tree
Showing 3 changed files with 19 additions and 0 deletions.
6 changes: 6 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -537,6 +537,12 @@ Those items are combined with the following default values :
roles: [] # references to other role names
```

Besides creating roles, it's also possible to define a default role which will be applied to users and anonymous requests when Nexus can not find or map the according role. Default role can be defined using:

```yaml
nexus_default_role: "developers" # uses the 'developers' role to all users/requests without an explicitly assigned role. Default: ""
```

List of the [roles](https://help.sonatype.com/display/NXRM3/Roles) to setup.

### Users
Expand Down
3 changes: 3 additions & 0 deletions defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -211,6 +211,9 @@ nexus_privileges:
- read
- browse

# You can set a default role to be used with anonymous access for example
nexus_default_role: ""

nexus_roles:
- id: developers # can map to a LDAP group id, also used as a key to update a role
name: developers
Expand Down
10 changes: 10 additions & 0 deletions tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -267,6 +267,16 @@
capability_enabled: "{{ nexus_log4j_visualizer_enabled | bool }}"
capability_properties: {}

- name: Configure Default Role capability
ansible.builtin.include_tasks: call_script.yml
vars:
script_name: setup_capability
call_args:
capability_typeId: defaultrole
capability_enabled: "{{ (nexus_default_role | length > 0) }}"
capability_properties:
role: "{{ nexus_default_role }}"

- name: Define backup task if backup is configured
ansible.builtin.set_fact:
_nexus_backup_task:
Expand Down

0 comments on commit acb8dd6

Please sign in to comment.