Move admin screens (users/groups/roles/oauth2-clients) into a drop-in example plugin; add the ctx.system capability surface
This commit is contained in:
@@ -28,16 +28,19 @@ services:
|
||||
interval: 2s
|
||||
timeout: 4s
|
||||
retries: 30
|
||||
# plugins/ is empty in the image; bind the reference example in as the `scheduling` plugin so the
|
||||
# browser flow can open its gated /scheduling/shifts page.
|
||||
# plugins/ is empty in the image; bind the example plugins in so the browser flow can open the
|
||||
# gated /scheduling/shifts page and the /admin/* screens (the admin screens ship as a drop-in
|
||||
# plugin, mounted at /app/plugins/admin, reaching the host's Ory clients via ctx.system).
|
||||
volumes:
|
||||
- ./examples/plugins/scheduling:/app/plugins/scheduling:ro
|
||||
- ./examples/plugins/admin:/app/plugins/admin:ro
|
||||
|
||||
# bootstrap grants the demo admin every discovered plugin's permission tokens, so it needs the
|
||||
# reference plugin present too — else the admin lacks scheduling:read/write and the gated page 403s.
|
||||
# example plugins present too — else the admin lacks scheduling:read/write and the gated pages 403.
|
||||
bootstrap:
|
||||
volumes:
|
||||
- ./examples/plugins/scheduling:/app/plugins/scheduling:ro
|
||||
- ./examples/plugins/admin:/app/plugins/admin:ro
|
||||
|
||||
# Browser-facing URLs (base_url, every ui_url, the after-login redirect) move to the gateway host.
|
||||
# `--dev`: the browser hits the gateway over http, but Kratos marks cookies Secure for a
|
||||
|
||||
@@ -25,7 +25,7 @@ function devSession(roles: string[] = []): string {
|
||||
test.beforeAll(async () => { await mkdir(SHOTS, { recursive: true }); });
|
||||
|
||||
// The dashboard is gated: a page navigation needs a session. Plant one per test — a plain
|
||||
// member (no roles) so the gated scheduling/admin nav stays filtered out.
|
||||
// member (no roles) so the gated scheduling nav stays filtered out.
|
||||
test.beforeEach(async ({ context }) => {
|
||||
await context.addCookies([{ name: SESSION_COOKIE, url: BASE_URL, value: devSession() }]);
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user