<%# Admin role detail body (todo §5), captured into the shell content slot. Config: role { name } members { action, rows: { kind:"group"|"user", label, subject }[] } action = revoke endpoint effective { label }[] users who hold the role (expand) add { action, options: {label,value}[] } action = assign endpoint del { action } delete the whole role csrfToken, error? %><% const role = locals.role; const members = locals.members; const effective = locals.effective; const add = locals.add; const del = locals.del; const csrf = locals.csrfToken; -%>
<% if (locals.error) { -%> <%- include("alert", { text: locals.error, tone: "neg" }) %> <% } -%>

Assigned to

<% if (members.rows.length) { -%>
<% members.rows.forEach((m) => { -%> <% }) -%>
Members of <%= role.name %>
MemberTypeActions
<%= m.label %><%= m.kind === "group" ? "Group" : "User" %>
<% } else { -%>

Not assigned to anyone yet.

<% } -%>

Effective access

Everyone who holds this role — directly or through a group (resolved by Keto).

<% if (effective.length) { -%> <% } else { -%>

No users hold this role yet.

<% } -%>

Assign the role

<% if (add.options.length) { -%>
<% } else { -%>

All users and groups already have this role.

<% } -%>