Allow custom auth file to define valid roles

confluent_server/confluent/auth.py

@@ -125,6 +125,9 @@ def add_roles(_allowed,_denied):
         loaded_file = yaml.safe_load(stream)
         try:
             allowed_loaded = loaded_file["allowedbyrole"]
+            for role in allowed_loaded:
+                if role not in configmanager._validroles:
+                    configmanager._validroles.append(role)
         except:
             pass
         try:

confluent_server/confluent/config/configmanager.py

@@ -127,7 +127,7 @@ _attraliases = {
     'bmcpass': 'secret.hardwaremanagementpassword',
     'switchpass': 'secret.hardwaremanagementpassword',
 }
-_validroles = ('Administrator', 'Operator', 'Monitor', 'Stub')
+_validroles = ['Administrator', 'Operator', 'Monitor', 'Stub']
 
 membership_callback = None