From ad0a58f0456107e87b483f39153a0905b69c62ba Mon Sep 17 00:00:00 2001 From: David Pacheco Date: Fri, 28 Jun 2024 11:32:22 -0700 Subject: [PATCH 1/4] fix up some IAM comments --- nexus/auth/src/authz/mod.rs | 2 +- nexus/types/src/external_api/views.rs | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/nexus/auth/src/authz/mod.rs b/nexus/auth/src/authz/mod.rs index 1c666d2296..36235b96b3 100644 --- a/nexus/auth/src/authz/mod.rs +++ b/nexus/auth/src/authz/mod.rs @@ -106,7 +106,7 @@ //! | | | +---------------+-----------+-------------+-------------+---+ | //! | | | | resource_type | role_name | resource_id | identity_id |...| | //! | | | +---------------+-----------+-------------+-------------+---+ | -//! | | | | "project " | "viewer" | 234 | 123|...| | +//! | | | | "project " | "viewer" | 123 | 234 |...| | //! | | | +--^------------+--^--------+----------^--+-----------^-+---+ | //! | | | | | | | | //! +-|-|----+ | | +------------+ diff --git a/nexus/types/src/external_api/views.rs b/nexus/types/src/external_api/views.rs index 8e2ee39c21..4cd123aa90 100644 --- a/nexus/types/src/external_api/views.rs +++ b/nexus/types/src/external_api/views.rs @@ -870,8 +870,8 @@ pub struct Group { /// View of a Built-in User /// -/// A Built-in User is explicitly created as opposed to being derived from an -/// Identify Provider. +/// Built-in users are identities internal the system, used when the control +/// plane performs actions on its own behalf #[derive(ObjectIdentity, Clone, Debug, Deserialize, Serialize, JsonSchema)] pub struct UserBuiltin { // TODO-correctness is flattening here (and in all the other types) the From 4d6614e470cb8c5f3ab374b5651d421be36bc608 Mon Sep 17 00:00:00 2001 From: David Pacheco Date: Fri, 28 Jun 2024 14:18:29 -0700 Subject: [PATCH 2/4] review feedback --- nexus/types/src/external_api/views.rs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nexus/types/src/external_api/views.rs b/nexus/types/src/external_api/views.rs index 4cd123aa90..e241f849ee 100644 --- a/nexus/types/src/external_api/views.rs +++ b/nexus/types/src/external_api/views.rs @@ -870,8 +870,8 @@ pub struct Group { /// View of a Built-in User /// -/// Built-in users are identities internal the system, used when the control -/// plane performs actions on its own behalf +/// Built-in users are identities internal to the system, used when the control +/// plane performs actions autonomously #[derive(ObjectIdentity, Clone, Debug, Deserialize, Serialize, JsonSchema)] pub struct UserBuiltin { // TODO-correctness is flattening here (and in all the other types) the From 16b8f301fd6920cf1942c1e989d0fb35892893b8 Mon Sep 17 00:00:00 2001 From: David Pacheco Date: Fri, 28 Jun 2024 14:24:36 -0700 Subject: [PATCH 3/4] fix openapi --- openapi/nexus.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openapi/nexus.json b/openapi/nexus.json index 339dd35fbe..bc826870de 100644 --- a/openapi/nexus.json +++ b/openapi/nexus.json @@ -19826,7 +19826,7 @@ ] }, "UserBuiltin": { - "description": "View of a Built-in User\n\nA Built-in User is explicitly created as opposed to being derived from an Identify Provider.", + "description": "View of a Built-in User\n\nBuilt-in users are identities internal the system, used when the control plane performs actions on its own behalf", "type": "object", "properties": { "description": { From 5c9b157b239843e6cb4399dcc36b2fec37b4cdce Mon Sep 17 00:00:00 2001 From: David Pacheco Date: Fri, 28 Jun 2024 14:30:40 -0700 Subject: [PATCH 4/4] fix more --- openapi/nexus.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openapi/nexus.json b/openapi/nexus.json index bc826870de..ac38d1703a 100644 --- a/openapi/nexus.json +++ b/openapi/nexus.json @@ -19826,7 +19826,7 @@ ] }, "UserBuiltin": { - "description": "View of a Built-in User\n\nBuilt-in users are identities internal the system, used when the control plane performs actions on its own behalf", + "description": "View of a Built-in User\n\nBuilt-in users are identities internal to the system, used when the control plane performs actions autonomously", "type": "object", "properties": { "description": {