Hey folks,
We've got a stakeholder piloting cBioPortal for their use case, and they have some need for role-based access control for individual studies. From my understanding, with the removal of built-in LDAP and a reliance on SAML/Keycloak for federated login, it appears there are two avenues for setting up access to individual studies:
1) manually set up roles and assign users in Keycloak, such that those users/groups are granted access to what they need.
2) insert group IDs into metadata when the studies are uploaded, coupled with creating such groups in Keycloak.
One thing they asked is whether it would be possible for individual users to easily select which groups/users have access to whatever studies. From my understanding, this is not possible beyond the above-mentioned study metadata?
Would it be possible to get some clarity on these points - e.g whether my understanding of the current state of the RBAC mechanism is indeed correct, and whether other avenues exist for users of the system to control access from the webapp itself?
Thanks!