feat(security): add AuthDisableLoginOptions + DevAuthRoles for dev login bypass
This commit is contained in:
@@ -0,0 +1,18 @@
|
||||
using ZB.MOM.WW.OtOpcUa.Configuration.Enums;
|
||||
|
||||
namespace ZB.MOM.WW.OtOpcUa.Security.Auth;
|
||||
|
||||
/// <summary>
|
||||
/// The full canonical role set granted to the auto-login dev principal: every
|
||||
/// <see cref="AdminRole"/> plus the appsettings-only control-plane role "Operator"
|
||||
/// (required by the DriverOperator policy). Centralised so adding an AdminRole
|
||||
/// automatically widens the grant.
|
||||
/// </summary>
|
||||
public static class DevAuthRoles
|
||||
{
|
||||
/// <summary>Operator role string — not an <see cref="AdminRole"/> enum member; used by the DriverOperator policy.</summary>
|
||||
public const string Operator = "Operator";
|
||||
|
||||
/// <summary>All roles granted to the auto-login principal.</summary>
|
||||
public static readonly string[] All = [.. Enum.GetNames<AdminRole>(), Operator];
|
||||
}
|
||||
Reference in New Issue
Block a user