Add docs for fine-grained permissions from keycloak

[aktech]

Reference Issues or PRs

Relevant implementation

• Parse and insert keycloak roles scopes into JupyterHub nebari#2471
• Conda-store permissions v2 + load roles from keycloak nebari#2531

What does this implement/fix?

Put a x in the boxes that apply

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds a feature)
• Breaking change (fix or feature that would cause existing features not to work as expected)
• Documentation Update
• Code style update (formatting, renaming)
• Refactoring (no functional changes, no API changes)
• Build related changes
• Other (please describe):

Testing

• Did you test the pull request locally?
• Did you add new tests?

Documentation

Access-centered content checklist

Text styling

• The content is written with plain language (where relevant).
• If there are headers, they use the proper header tags (with only one level-one header: H1 or # in markdown).
• All links describe where they link to (for example, check the Nebari website).
• This content adheres to the Nebari style guides.

Non-text content

• All content is represented as text (for example, images need alt text, and videos need captions or descriptive transcripts).
• If there are emojis, there are not more than three in a row.
• Don't use flashing GIFs or videos.
• If the content were to be read as plain text, it still makes sense, and no information is missing.

Any other comments?

[netlify]

✅ Deploy Preview for nebari-docs ready!

Name	Link
🔨 Latest commit	f1269b2
🔍 Latest deploy log	https://app.netlify.com/sites/nebari-docs/deploys/6691aa9677b9070008dcbb41
😎 Deploy Preview	https://deploy-preview-480--nebari-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[kcpevey]

I had some follow up questions but also, I'm still a little confused on the difference between Client and component. Can you add more detail explaining that somewhere?

[kcpevey]

Are admin and developer roles that exist within conda-store itself? Or are those admin and developer as we know it within Nebari's keycloak groups?

What does permissions do admin and developer have? In other words, read/write/delete access?

And depending on how you'd answer those questions, more details around what that means within the namespace would be helpful as well. i.e. Can this user now read/create/delete environments in the namespace?

[aktech]

Are admin and developer roles that exist within conda-store itself? Or are those admin and developer as we know it within Nebari's keycloak groups?

Yes they do exists in conda-store: viewer, developer (or editor), admin

What does permissions do admin and developer have? In other words, read/write/delete access?

What does permissions do admin and developer have? In other words, read/write/delete access?

admin has full access and developer (also same as editor) has edit access, here is the full list: https://github.com/conda-incubator/conda-store/blob/67a4860ac5d9cf33285b5641e5dbb3b9ce61b1c7/conda-store-server/conda_store_server/server/auth.py#L146

And depending on how you'd answer those questions, more details around what that means within the namespace would be helpful as well. i.e. Can this user now read/create/delete environments in the namespace?

I'll add a few line summary and point to conda-store if that make sense.

[kcpevey]

Yeah I think that sounds like a good solution

[Adam-D-Lewis]

I agree about the images being hard to see. I find that if I make my browser window half the width of the monitor, then take the screenshot that it helps make the screenshot less wide (more squarish) and easier to see.

[viniciusdc]

@kcpevey @aktech I changed the images so that they show up better on each platform now, I tested both on my Linux an Mac, and it looks good. Looking forward for your comments as well.

[kcpevey]

Looks much better now! For the record - what did you do?