Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create grants for resources a user owns #1084

Closed
BruceMacD opened this issue Feb 25, 2022 · 1 comment
Closed

Create grants for resources a user owns #1084

BruceMacD opened this issue Feb 25, 2022 · 1 comment
Labels
kind/feature A request or change that improves functional suitability.

Comments

@BruceMacD
Copy link
Collaborator

BruceMacD commented Feb 25, 2022
edited
Loading

When a user creates a resource they should be automatically given a grant to that resource.

Ex:

User with ID 1234 should have the following grant:
{
    identity: u:1234,
    privilege: read,
    resource: infra.users.u:1234
}

Currently we just check if the user is calling requesting their own resource.

var db *gorm.DB
if user != nil && user.ID == userID {
	db = getDB(c)
} else {
	var err error
	db, err = requireAuthorization(c, "read", "infra.groups")
	if err != nil {
		return nil, err
	}
}

This pattern can be removed when users get grants on their own resources.
@jmorganca jmorganca added the kind/feature A request or change that improves functional suitability. label Feb 26, 2022
@BruceMacD
Copy link
Collaborator Author

Closing for now, will re-visit

@BruceMacD BruceMacD mentioned this issue Apr 7, 2022
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature A request or change that improves functional suitability.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jmorganca @BruceMacD