diff options
3 files changed, 45 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/build-oauth2-client-registration.gmi b/issues/authentication_authorisation/build-oauth2-client-registration.gmi new file mode 100644 index 0000000..1f83ced --- /dev/null +++ b/issues/authentication_authorisation/build-oauth2-client-registration.gmi @@ -0,0 +1,17 @@ +# Build Registration Page for OAuth2 Clients + +## Tags + +* assigned: fredm, zsloan, zachs +* priority: high +* status: pending +* keywords: authentication, authorisation, oauth2 +* type: feature request + +## Description + +There is a need to register the OAuth2 clients that users can use to access the GN3 service with the new auth system. + +## Related Topic(s) + +=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design diff --git a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi new file mode 100644 index 0000000..94b4e40 --- /dev/null +++ b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi @@ -0,0 +1,26 @@ +# Migrate User Accounts from Redis to new Auth DB + +## Tags + +* assigned: fredm, zsloan, zachs +* priority: high +* status: pending +* keywords: authentication, authorisation, oauth2 +* type: feature request + +## Description + +Currently, on GN2, user details are stored in Redis. We need to migrate these to the new auth database (SQLite3) in order to be able to use that system. + +As part of that migration, we need that any particular user's privileges be maintained across all the resources they have access to - in the best possible way. + +### Notes + +* In GN2 resources are owned by users, in GN3, resources are owned by groups +* Resource owners can have a group created for them +* A newly created groups (as above) will contain those users with privileges ONLY for the resources in the group +* Any users with privileges that cross groups will be harder to handle, but are hopefully fewer + +## Related Topic(s) + +=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design diff --git a/topics/authentication/authentication-authorisation-design.gmi b/topics/authentication/authentication-authorisation-design.gmi index b5f912e..1085980 100644 --- a/topics/authentication/authentication-authorisation-design.gmi +++ b/topics/authentication/authentication-authorisation-design.gmi @@ -155,3 +155,5 @@ The following issues are related to this topic. => /issues/authorisation Clean Up Authorisation (contains extra info) => /topics/authentication/replace-hard-coded-auth-with-gn-proxy Replace Hard coded authentication with gn-proxy => /topics/authentication/user-info Put user info in the a/c name in the menu +=> /issues/authentication_authorisation/migrate-user-accounts-from-redis Migrate User Accounts from Redis to new Auth DB +=> /issues/authentication_authorisation/build-oauth2-client-registration Build Registration Page for OAuth2 Clients |