Short Description

In addition to the non-standardized role types (weak, strong, anonymous, guest, normal), a user can also be assigned further "dynamic roles". These roles are loaded from Acta Nova.

Furthermore, CMS pages can be protected by dynamic roles to control access according to the assigned roles.

The following example illustrates the functionality: In this case, the dynamic roles are "Employee of Department xxx" and "Administrative Administrator".

dynamische Rollen Beispiel

The following section illustrates how to activate the "Dynamic Roles" feature.

Activate Feature

1. Acta Nova Plugin Configuration

You can either manually change the variable in mesh/plugins/acta-nova-plugin/features.yml:

feature_load_user_roles_from_acta_nova:
  enabled: true

Or you can activate the function via the environment variable (ENV): Set ACTA_NOVA_PLUGIN_FEATURE_LOAD_USER_ROLES_FROM_ACTA_NOVA to true.

2. Changes in the Keycloak Plugin

The endpoint for user metadata must be adjusted here.

Change the variable actaNovaUserMetadataEndpoint in the file mesh/plugin-src/andp-keycloak-plugin/config.yml:

actaNovaUserMetadataEndpoint: "/{ProjectName}/plugins/acta-nova/getUserMetadata"

Alternatively, you can change the variable via the environment variable (ENV): Set ENV_ACTA_NOVA_USER_METADATA_ENDPOINT to /{ProjectName}/plugins/acta-nova/getUserMetadata.