We need an admin flow for user access to the guard coookie, and ideally also allowing it to be preset on a device by a third party via some kind of ACL policy (i.e., admins can set the cookie to any username value, otherwise just your own).
Environment
None
Assignee
Scott Cantor
Scott Cantor
Activity
Scott Cantor April 24, 2024 at 2:31 PM
Documentation done.
Scott Cantor April 23, 2024 at 7:47 PM
Notwithstanding my masterful UI skills, added a bare bones flow to manipulate the cookie.
As discussed with Phil, this has the non-terminating flow problem that most loop-back views will have, but other than adding a Finish button that lands you on a property-based URL, it’s not easily fixable.
Need to document a number of properties used for control over the flow. I didn’t bother including the auditing logic, as that doesn’t fit this really.
The flow has both a user-access policy check and an admin-access policy check and users can only store their own username in the cookie. Admins get a form field to set to whatever they want.
The view shows you the current state of the cookie if any.
We need an admin flow for user access to the guard coookie, and ideally also allowing it to be preset on a device by a third party via some kind of ACL policy (i.e., admins can set the cookie to any username value, otherwise just your own).