Source code for ska_aaa_authhelpers.roles

from enum import Enum




[docs]
class Role(str, Enum):
    """
    Enum containing the IDs of special role-granting Groups
    defined in MS Entra ID.
    """

    ANY = "ANY"
    """
    Generic role automatically granted to all requests in addition to
    any specific roles derived from the access token.
    """

    APP2APP = "APP2APP"
    """
    Role for apps using the OAuth2 client credentials grant to make
    automated requests, rather than acting on behalf of the user.
    """

    # Entra ID group name: obs-integrationenvs-oauth2role-sweng
    SW_ENGINEER = "2d650a1e-dc34-4452-ab3b-15175d59e5d0"
    """
    Develops, maintains, and debugs software applications within SKAO.
    Member of any of the software development teams.
    """

    # Entra ID group name: obs-aa05-oauth2role-sweng
    PROD_SW_ENGINEER = "69d67c05-f536-481e-98b2-35c7f2254592"
    """
    Responsible for debugging issues live in a production environment
    """

    # Entra ID group name: low-aa05-oauth2role-teloperator
    LOW_TELESCOPE_OPERATOR = "47a4523e-6fbe-441d-914c-14c6ca01922e"
    """
    Schedules and executes an observing session on SKA-Low and ensure the
    correctness of science experiment data by controlling and monitoring
    telescope subsystems.
    """

    # Entra ID group name: mid-aa05-oauth2role-teloperator
    MID_TELESCOPE_OPERATOR = "405e6fd0-a361-447f-bb5e-9f6d03b2b474"
    """
    Schedules and executes an observing session on SKA-Mid and ensure the
    correctness of science experiment data by controlling and monitoring
    telescope subsystems.
    """

    # Entra ID group name: obs-integrationenvs-oauth2role-opsscientist
    OPERATIONS_SCIENTIST = "bdc4b862-882c-461a-a2a4-6f0ac89910c4"
    """
    Oversees the creation of the Project and SBDefinitions to achieve the Science aim.
    """

    # obs-oauth2role-opsproposaladmin
    OPS_PROPOSAL_ADMIN = "ce3627de-8ec2-4a35-ab1e-300eec6a0a50"
    """
    Individual who is able to perform all activities associated with proposals
    """

    # obs-oauth2role-opsreviewersci
    OPS_REVIEWER_SCIENCE = "05883c37-b723-4b63-9216-0a789a61cb07"
    """
    Individual who is able to provide a review of the science behind a proposal
    """

    # obs-oauth2role-opsreviewertec
    OPS_REVIEWER_TECHNICAL = "4c45b2ea-1b56-4b2d-b209-8d970b4e39dc"
    """
    Individual who is able to validate the feasibility of the technical aspects required
    for a proposal
    """

    def __str__(self):
        return self.value

    def __repr__(self):
        return f"{self.name}/gid:{self.value}"