Skip to content
This repository has been archived by the owner on Aug 27, 2024. It is now read-only.

EPIC | Authorization v1 #31

Open
maxyu1115 opened this issue Aug 28, 2023 · 0 comments
Open

EPIC | Authorization v1 #31

maxyu1115 opened this issue Aug 28, 2023 · 0 comments
Labels
epic Big goals that track many stories/smaller tasks
Milestone
v1.0

Comments

@maxyu1115
Copy link
Collaborator

maxyu1115 commented Aug 28, 2023
edited
Loading

Currently MeMaS does not check if the claimed user is authorized to do X. Even though we trust their claim of who the user is, we still need to verify if they have the rights/permissions to perform the action they request.

This at its early stages involve:

  1. CP APIs can only modify nodes below the user, such as user1 can have control over user1.A.B:C, but not over user2.X
  2. DP API memorize can only write to corpuses directly below the user (? To be debated if this is necessary)
  3. DP API recall can read only from corpuses that belong to the user, or belong to direct ancestors. Such as companyA.team1.user1 can read from the corpus companyA:C, but not companyA.team2:X.
  4. Enforce read/write permissions

TRACKS: #19, #25
@maxyu1115 maxyu1115 added the epic Big goals that track many stories/smaller tasks label Aug 28, 2023
@maxyu1115 maxyu1115 added this to the v1.0 milestone Aug 28, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
epic Big goals that track many stories/smaller tasks
Projects
None yet
Milestone
v1.0
Development

No branches or pull requests
1 participant
@maxyu1115