There is no way to pre-load user/role list other than admin

[benzvan]

I would like a way to pre-load/bulk-load user roles at build/deploy time via an environment variable.

Example

HUBOT_AUTH_ROLES="role1:user1,user2,user3;role2:user1,user2,user3"

This could be handled similarly to the HUBOT_ADMIN_USERS environment variable.

Happy to do a PR for this. Happy to take input on variable format and separators.

[chaselee]

This was actually added in #32. BUT from what I can tell it's not working. You look on master now and this code is gone. You look in the latest release tag, and it's not there either. If we can get this situation sorted out, this issue will be resolved.

[benzvan]

I could re-create #32 and resubmit it...

[chaselee]

Might want to ping one of the maintainers first, but it couldn't hurt.

[ShipraShalini]

Has this been implemented? I am looking for something like this for my project.

[benzvan]

I don't think so. I ran into technical problems re-creating #32.

I ended up writing my own local auth plugin that reads a json file to populate its own user list. I used robot.brain.userForId(slack_id) to create a reference to the slack user ID. I'm only using the hubot-auth plugin for the admin user.

[jtomaszon]

@benzvan could you please share that code? I’m looking for some auth plugin working with Slack too!
Thank you!

[benzvan]

Honestly, I would do it differently if I was starting now. I would use an oauth integration to require users to log into SSO and store their remote information in the on-board user object. That way you know you're using the correct mapping. Ideally there would be some shared information about that user, like email address, that hubot would use to verify the oauth response matches the user.

Here's a rough idea of how I implemented an internal data map between one external system's IDs and slack's IDs. https://gist.github.com/benzvan/580fffd7aea7963e99e5da3f925fd952