Documentation
Constants
This section is empty.
Variables
var DefaultRoleNames = []usersyncsql.RoleName{
	usersyncsql.RoleNameTeamcreator,
	usersyncsql.RoleNameTeamviewer,
	usersyncsql.RoleNameUserviewer,
	usersyncsql.RoleNameServiceaccountcreator,
}
DefaultRoleNames are the default set of roles that will be assigned to all new users.
Functions
This section is empty.
Types
type Usersynchronizer
type Usersynchronizer struct {
// contains filtered or unexported fields
}
func New
func New(pool *pgxpool.Pool, adminGroupPrefix, tenantDomain string, service *admindirectoryv1.Service, log logrus.FieldLogger) *Usersynchronizer
func NewFromConfig
func NewFromConfig(ctx context.Context, pool *pgxpool.Pool, serviceAccount, subjectEmail, tenantDomain, adminGroupPrefix string, log logrus.FieldLogger) (*Usersynchronizer, error)
func (*Usersynchronizer) RegisterRun
func (s *Usersynchronizer) RegisterRun(ctx context.Context, correlationID uuid.UUID, startedAt, finishedAt time.Time, err error) error
RegisterRun registers a user sync run with a potential error message in the database.
func (*Usersynchronizer) Sync
Sync fetches all users from the Google Directory of the tenant and adds them as users in NAIS API.
If a user already exists in NAIS API, the user's name and email will be updated if they have changed in the Google Directory.
After all users have been synced, users whose email address matches the tenant domain but who no longer exist in the Google Directory will be removed.
All users present in the admin group in the Google Directory will also be granted the admin role in NAIS API, and existing admins that no longer exist in the admin group will get the admin role revoked.
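The reconciliation that Sync describes can be sketched as a pure planning function. This is an added example, not code from the package: `User`, `Plan`, `PlanSync` and the `ExternalID` key are hypothetical, and matching the tenant domain as the exact, case-insensitive part after `@` is an assumption about how the scoping should behave.

```go
package main

import (
	"fmt"
	"strings"
)

// User is a hypothetical record; ExternalID stands in for the directory's user ID.
type User struct{ ExternalID, Email, Name string }

// Plan lists the changes one sync run would make (emails, for readability).
type Plan struct{ Create, Update, Delete, GrantAdmin, RevokeAdmin []string }

// PlanSync diffs directory state against local state; admin maps are keyed by ExternalID.
func PlanSync(tenantDomain string, remote, local []User, adminGroup, localAdmins map[string]bool) (p Plan) {
	byID := make(map[string]User, len(local))
	for _, u := range local {
		byID[u.ExternalID] = u
	}
	seen := make(map[string]bool, len(remote))
	for _, r := range remote {
		seen[r.ExternalID] = true
		if l, ok := byID[r.ExternalID]; !ok {
			p.Create = append(p.Create, r.Email)
		} else if l.Email != r.Email || l.Name != r.Name {
			p.Update = append(p.Update, r.Email)
		}
		if adminGroup[r.ExternalID] && !localAdmins[r.ExternalID] {
			p.GrantAdmin = append(p.GrantAdmin, r.Email)
		}
	}
	suffix := "@" + strings.ToLower(tenantDomain)
	for _, l := range local {
		// Anchor on "@" so "example.com" does not also match "evil-example.com".
		inTenant := strings.HasSuffix(strings.ToLower(l.Email), suffix)
		if !seen[l.ExternalID] && inTenant {
			p.Delete = append(p.Delete, l.Email)
		}
		if localAdmins[l.ExternalID] && !adminGroup[l.ExternalID] {
			p.RevokeAdmin = append(p.RevokeAdmin, l.Email)
		}
	}
	return p
}

func main() {
	// Constructed sample data.
	remote := []User{{"1", "ann@example.com", "Ann"}, {"2", "bo@example.com", "Bo B"}}
	local := []User{{"2", "bo@example.com", "Bo"}, {"3", "cy@example.com", "Cy"}, {"4", "dee@evil-example.com", "Dee"}}
	fmt.Printf("%+v\n", PlanSync("example.com", remote, local, map[string]bool{"1": true}, map[string]bool{"3": true}))
}
```

Computing the plan before writing anything lets a run log or cap the number of deletions and admin changes before they are applied.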