Highlights
- Site roles, including site admin, now defined in Opa
- Program authorizations are defined in Opa's vault secret store
- User-specific program authorizations are defined in Opa's vault secret store
- Refactored rego policies and created unit tests
What's Changed
- DIG-1520: Site admin is a role defined in Opa, not in jwt by @daisieh in #51
- DIG-1518: Rego policies now based on ProgramAuthorizations by @daisieh in #52
- Interpolate default usernames from .env file instead of hardcoding by @daisieh in #53
- DIG-1546: Opa unit tests by @daisieh in #54
- DIG-1502: Opa implements user-specific authorizations by @daisieh in #55
- DIG-898: allow service_token to view user_key by @daisieh in #56
Full Changelog: v2.1.0...v2.2.0