summaryrefslogtreecommitdiff
path: root/issues/authentication_authorisation
diff options
context:
space:
mode:
authorFrederick Muriuki Muriithi2023-09-06 11:55:48 +0300
committerFrederick Muriuki Muriithi2023-09-06 11:55:48 +0300
commitbcdc76450870f0d8f85548440ee79afc8f6e6433 (patch)
treefdd96485f63f618a7f4e94b920d457aad6e62c9b /issues/authentication_authorisation
parent994233926ea0715a0b8c477662f7798a14060d1b (diff)
downloadgn-gemtext-bcdc76450870f0d8f85548440ee79afc8f6e6433.tar.gz
New issue: Refactor the resources.
Diffstat (limited to 'issues/authentication_authorisation')
-rw-r--r--issues/authentication_authorisation/rework-resources-system.gmi25
1 files changed, 25 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/rework-resources-system.gmi b/issues/authentication_authorisation/rework-resources-system.gmi
new file mode 100644
index 0000000..f3ba6f9
--- /dev/null
+++ b/issues/authentication_authorisation/rework-resources-system.gmi
@@ -0,0 +1,25 @@
+# Rework Resources
+
+## Tags
+
+* assigned: fredm
+* status: open
+* priority: medium
+* type: refactor, feature request, design change
+* keywords: auth, authorisation, resources, design change
+
+## Description
+
+The authorisation system uses the idea of "Resources" as its most basic model: users have privileges to act on resources.
+
+The problem is that this concept is not currently (as of 06 Sept 2023) implemented for the entire system: The only supported resources currently are:
+
+* Phenotype resources
+* Genotype resources
+* mRNA resources
+
+For the "system" itself, and "user groups" we have special cases to handle the user privileges.
+
+With the addition of case-attribute editing stuff, we also run into the issue where the current existing system is not generic enough, and the code thus needs yet another edge case.
+
+This means that there is a need to refactor the code to make the concept of a "resource" global, and any/all privileges a user has should act on a particular resource. We can then add the resource types/categories as we encounter them, without having to change most of the core code dealing with the authorisations.