Re: Role based access control discussion

Поиск
Список
Период
Сортировка
От Aditya Toshniwal
Тема Re: Role based access control discussion
Дата
Msg-id CAM9w-_kjvSGfZ+K1qFABhYfE0kCJ0gDWU3ZyT-Ywb0AEX8=3eg@mail.gmail.com
обсуждение исходный текст
Ответ на Re: Role based access control discussion  (Dave Page <dpage@pgadmin.org>)
Ответы Re: Role based access control discussion
Список pgadmin-hackers
Дерево обсуждения
Hi Dave,

On Thu, Mar 13, 2025 at 3:36 PM Dave Page <dpage@pgadmin.org> wrote:
Hi

On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <aditya.toshniwal@enterprisedb.com> wrote:
Hi Hackers,

I have started looking into a feature where users have requested for custom roles. The roles can then be assigned permissions. Here's what I think how it can be done:
  1. Create a framework for roles based access control.
  2. Allow adding/editing/deleting roles from UI.
  3. User management dialog can be converted to a tab to get extra space for other stuff.
  4. pgAdmin can have some predefined permissions. The permissions can then be used to validate at the API levels and UI.
  5. New permissions cannot be added from UI as it will require code changes. They can be added based on user requests.
  6. Admin can allow these permissions to the roles and roles can be assigned to users.
  7. Permissions will be used to 
  8. Admin role remains static with no changes allowed.
Let me know your thoughts on this. If everything looks good then I will proceed.

What permissions would we support initially?

Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can start with not allowing users to register a server. We'll start 1 or 2 may be, the intention is to create a framework which will allow us to keep adding permissions on future requests.


--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | enterprisedb.com
"Don't Complain about Heat, Plant a TREE"

В списке pgadmin-hackers по дате отправления: