Uploaded image for project: 'Data Management'
  1. Data Management
  2. DM-5645

Add fine-grained authorization to ltd-keeper users

    Details

    • Templates:
    • Story Points:
      2.2
    • Epic Link:
    • Team:
      SQuaRE

      Description

      The initial MVP of ltd-keeper had all-or-nothing authentication; any user was effectively an admin user. It would be useful have fine grained roles that each API user could have (for example, one API user might be able to add a build, but not create an edition or product or add another user). The phases of this ticket at:

      1. Design a set of roles that cover current functionality
      2. Add these roles to the User DB model and user creation API
      3. Authorize users against these roles in specific API calls

        Attachments

          Container Issues

            Issue Links

              Activity

                People

                • Assignee:
                  jsick Jonathan Sick
                  Reporter:
                  jsick Jonathan Sick
                  Reviewers:
                  J Matt Peterson [X] (Inactive)
                  Watchers:
                  J Matt Peterson [X] (Inactive), Jonathan Sick
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved:

                    Summary Panel