add user-role-mappings

arkime · Sep 23, 2024 · 361d82e · 361d82e
1 parent 915b599
commit 361d82e
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 1 deletion.
diff --git a/_data/settings/user-role-mappings.yml b/_data/settings/user-role-mappings.yml
@@ -0,0 +1,30 @@
+name: user-role-mappings
+before: |
+  <p>
+    Starting with 5.4.1 it is now possible to dynamically update the roles associated with a user when using header or oidc authMode.
+    When using this section, all possible roles must be defined, one per line, and any role no longer enabled for the user will be removed.
+    The rules are evaluated on login, and the user's roles are updated accordingly.
+  </p>
+  <p>
+    Each line is of the format <code>rolename=javascript expression</code>.
+    The jaascript expression can use two variable, <code>this</code> which allows you to reference any user fields and <code>vals</code> which allows you to access any of the request headers for header auth or the oidc info for oidc auth.
+  </p>
+
+after: |
+  <p>
+    Example:
+  </p>
+  <pre><code>[user-role-mappings]
+  # Everyone is arkimeUser
+  arkimeUser=true
+  # userAdmin have -svc extension in userId
+  userAdmin=this.userId.endsWith('-svc')
+  # fred and wilma are superAdmin
+  superAdmin=this.userId === 'fred' || this.userId === 'wilma'
+  # custom role based on header value
+  role-special=vals.roles.includes('special')
+  </code></pre>
+
+settings:
+  - key: "[role]="
+    text: A javascript expression using this for user fields and vals for request headers or oidc info.
diff --git a/faq.html b/faq.html
@@ -2473,7 +2473,7 @@ <h3 class="subsection"id="how-do-i-import-existing-pcaps">
         </li>
       </ul>
       <p class="alert alert-secondary">
-        <span class="fa fa-exclamation-triangle"></span> By default importing offline pcap does NOT make a copy of the pcap file, Arkime saves a reference to the original file. If you want to make a copy of the pcap file, use the <code>--copy</code> option with capture.
+        <span class="fa fa-exclamation-triangle"></span> By default importing offline pcap does NOT make a copy of the pcap file, Arkime saves a reference to the original file, which shows up as locked on the files tab. If you want to make a copy of the pcap file, use the <code>--copy</code> option with capture.
         </p>
       <h4>Enable Arkime UI to upload</h4>
       <p>

diff --git a/settings.html b/settings.html
@@ -54,6 +54,7 @@
   - packet-drop-ips
   - remote-clusters
   - multi-viewer-settings
+  - user-role-mappings
   - vlan-vni-collapse
   - wise-types