diff options
Diffstat (limited to 'issues/authentication_authorisation')
| -rw-r--r-- | issues/authentication_authorisation/build-oauth2-client-registration.gmi | 17 | ||||
| -rw-r--r-- | issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi | 26 |
2 files changed, 43 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/build-oauth2-client-registration.gmi b/issues/authentication_authorisation/build-oauth2-client-registration.gmi new file mode 100644 index 0000000..1f83ced --- /dev/null +++ b/issues/authentication_authorisation/build-oauth2-client-registration.gmi @@ -0,0 +1,17 @@ +# Build Registration Page for OAuth2 Clients + +## Tags + +* assigned: fredm, zsloan, zachs +* priority: high +* status: pending +* keywords: authentication, authorisation, oauth2 +* type: feature request + +## Description + +There is a need to register the OAuth2 clients that users can use to access the GN3 service with the new auth system. + +## Related Topic(s) + +=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design diff --git a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi new file mode 100644 index 0000000..94b4e40 --- /dev/null +++ b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi @@ -0,0 +1,26 @@ +# Migrate User Accounts from Redis to new Auth DB + +## Tags + +* assigned: fredm, zsloan, zachs +* priority: high +* status: pending +* keywords: authentication, authorisation, oauth2 +* type: feature request + +## Description + +Currently, on GN2, user details are stored in Redis. We need to migrate these to the new auth database (SQLite3) in order to be able to use that system. + +As part of that migration, we need that any particular user's privileges be maintained across all the resources they have access to - in the best possible way. + +### Notes + +* In GN2 resources are owned by users, in GN3, resources are owned by groups +* Resource owners can have a group created for them +* A newly created groups (as above) will contain those users with privileges ONLY for the resources in the group +* Any users with privileges that cross groups will be harder to handle, but are hopefully fewer + +## Related Topic(s) + +=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design |