summaryrefslogtreecommitdiff
path: root/issues
diff options
context:
space:
mode:
Diffstat (limited to 'issues')
-rw-r--r--issues/authentication_authorisation/build-oauth2-client-registration.gmi17
-rw-r--r--issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi26
2 files changed, 43 insertions, 0 deletions
diff --git a/issues/authentication_authorisation/build-oauth2-client-registration.gmi b/issues/authentication_authorisation/build-oauth2-client-registration.gmi
new file mode 100644
index 0000000..1f83ced
--- /dev/null
+++ b/issues/authentication_authorisation/build-oauth2-client-registration.gmi
@@ -0,0 +1,17 @@
+# Build Registration Page for OAuth2 Clients
+
+## Tags
+
+* assigned: fredm, zsloan, zachs
+* priority: high
+* status: pending
+* keywords: authentication, authorisation, oauth2
+* type: feature request
+
+## Description
+
+There is a need to register the OAuth2 clients that users can use to access the GN3 service with the new auth system.
+
+## Related Topic(s)
+
+=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design
diff --git a/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi
new file mode 100644
index 0000000..94b4e40
--- /dev/null
+++ b/issues/authentication_authorisation/migrate-user-accounts-from-redis.gmi
@@ -0,0 +1,26 @@
+# Migrate User Accounts from Redis to new Auth DB
+
+## Tags
+
+* assigned: fredm, zsloan, zachs
+* priority: high
+* status: pending
+* keywords: authentication, authorisation, oauth2
+* type: feature request
+
+## Description
+
+Currently, on GN2, user details are stored in Redis. We need to migrate these to the new auth database (SQLite3) in order to be able to use that system.
+
+As part of that migration, we need that any particular user's privileges be maintained across all the resources they have access to - in the best possible way.
+
+### Notes
+
+* In GN2 resources are owned by users, in GN3, resources are owned by groups
+* Resource owners can have a group created for them
+* A newly created groups (as above) will contain those users with privileges ONLY for the resources in the group
+* Any users with privileges that cross groups will be harder to handle, but are hopefully fewer
+
+## Related Topic(s)
+
+=> /topics/authentication/authentication-authorisation-design Authentication/authorisation design