Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature enhancement ft. access control #157

Open
kushagra189 opened this issue Nov 9, 2022 · 1 comment
Open

Feature enhancement ft. access control #157

kushagra189 opened this issue Nov 9, 2022 · 1 comment
Assignees
@kushagra189
Labels
priority: high High priority status: in progress Currently being worked on type flag: meta Generic issue that will spawn more specific issues type: maintenance Related to general repository maintenance workload: days Likely takes days to resolve
Milestone
v1.0.0

Comments

@kushagra189
Copy link
Contributor

kushagra189 commented Nov 9, 2022
edited
Loading

This issue is being created to cumulate all the subsequent pending issues with access control feature enhancement with the intent to track them all together. New issues, if required must be tagged under this.

Here are the intended flows of access control from the user and application perspective.

Client Application setup and superuser flow

permissions_flow

User resource interaction flow

User_permission_flow

Based on the above flows, the following tasks are pending in order to complete the feature requirements for access control implementation.

  • Implement default client for default permissions - Currently default permissions are handled at a hardcoded base path. However, this should be made configurable.
  • Enable super user configuration - A super user configuration needs to be supplied as a part of the existing access control configuration (listed under security definitions). Using this, a superuser/admin access can be created for all endpoints of the client application (including the permission endpoints)
  • Permission endpoints need to be protected - Currently permission endpoints are open and not decorated. Once the superuser/admin config is in place, we can enable the cabin authorization for these too.
  • Document client-specific user stories and supply pet-store examples for the same - For handling resource permission management, clients need to write their endpoint logic. For example, in case a user has access to create (POST) a resource, the latter should automatically have permission to update (PUT/PATCH) and delete (DELETE) resources in addition to fetching (GET) resources. This sort of user story needs to be documented so that onboarding applications can handle the logic for permission creation on their end.
  • Configurable identifiers for permissions - Low priority issue, but we need to provide a way to configure the identifiers used for storing permissions.
@kushagra189 kushagra189 added priority: critical Needs immediate attention status: in progress Currently being worked on type flag: meta Generic issue that will spawn more specific issues type: maintenance Related to general repository maintenance workload: days Likely takes days to resolve labels Nov 9, 2022
@kushagra189 kushagra189 self-assigned this Nov 9, 2022
This was referenced Nov 9, 2022
Open
Open
Open
Open
@uniqueg uniqueg moved this to Todo access control in FOCA release Dec 2, 2023
@uniqueg uniqueg added priority: high High priority and removed priority: critical Needs immediate attention labels Dec 2, 2023
@uniqueg
Copy link
Member

uniqueg commented Dec 2, 2023

Maybe you could turn this into a task list issue linking to the other access control-related issues, @kushagra189?

See https://docs.github.com/en/get-started/writing-on-github/working-with-advanced-formatting/about-task-lists

@uniqueg uniqueg added this to the v1.0.0 milestone Dec 2, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kushagra189 kushagra189

Labels
priority: high High priority status: in progress Currently being worked on type flag: meta Generic issue that will spawn more specific issues type: maintenance Related to general repository maintenance workload: days Likely takes days to resolve
Projects
FOCA release
Status: Todo access control
Milestone
v1.0.0
Development

No branches or pull requests
2 participants
@uniqueg @kushagra189