From 32c6b3bdb4c75137dd83c94e71b72d15f9c17393 Mon Sep 17 00:00:00 2001 From: mmattel Date: Wed, 19 Apr 2023 12:36:49 +0200 Subject: [PATCH] [docs-only] Add supported values at FRONTEND_READONLY_USER_ATTRIBUTES envvar --- services/frontend/README.md | 4 +++- services/frontend/pkg/config/config.go | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/services/frontend/README.md b/services/frontend/README.md index 55b4bace40..c128b5fd40 100644 --- a/services/frontend/README.md +++ b/services/frontend/README.md @@ -28,4 +28,6 @@ While the frontend service does not persist any data it does cache `Stat()` resp ## Define Read-Only Attributes -A lot of user management is made via the standardized libregraph API. Depending on how the system is configured, there might be some user attributes that an ocis instance admin can't change because of properties coming from an external LDAP server, or similar. This can be the case when the ocis admin is not the LDAP admin. To ease life for admins, there are hints as capabilites telling the frontend which attributes are read-only to enable a different optical representation like being grayed out. To configure these hints, use the environment variable `FRONTEND_READONLY_USER_ATTRIBUTES`, which takes a comma separated list of attributes. +A lot of user management is made via the standardized libregraph API. Depending on how the system is configured, there might be some user attributes that an ocis instance admin can't change because of properties coming from an external LDAP server, or similar. This can be the case when the ocis admin is not the LDAP admin. To ease life for admins, there are hints as capabilites telling the frontend which attributes are read-only to enable a different optical representation like being grayed out. To configure these hints, use the environment variable `FRONTEND_READONLY_USER_ATTRIBUTES`, which takes a comma separated list of attributes, see the envvar for supported values. + +You can find more details regarding available attributes at the [libre-graph-api openapi-spec](https://github.com/owncloud/libre-graph-api/blob/main/api/openapi-spec/v1.0.yaml) and on [owncloud.dev](https://owncloud.dev/libre-graph-api/). diff --git a/services/frontend/pkg/config/config.go b/services/frontend/pkg/config/config.go index 445ddc31c2..107582698d 100644 --- a/services/frontend/pkg/config/config.go +++ b/services/frontend/pkg/config/config.go @@ -44,7 +44,7 @@ type Config struct { DataGateway DataGateway `yaml:"data_gateway"` OCS OCS `yaml:"ocs"` Checksums Checksums `yaml:"checksums"` - ReadOnlyUserAttributes []string `yaml:"read_only_user_attributes" env:"FRONTEND_READONLY_USER_ATTRIBUTES" desc:"Comma separated list of user attributes to indicate as read-only."` + ReadOnlyUserAttributes []string `yaml:"read_only_user_attributes" env:"FRONTEND_READONLY_USER_ATTRIBUTES" desc:"Comma separated list of user attributes to indicate as read-only. Supported values: 'user.onPremisesSamAccountName' (username), 'user.displayName', 'user.mail', 'user.passwordProfile' (password), 'user.appRoleAssignments' (role), 'user.accountEnabled' (login allowed), 'drive.quota' (quota)."` Middleware Middleware `yaml:"middleware"`