-
Notifications
You must be signed in to change notification settings - Fork 5
Closed
12 / 1412 of 14 issues completedLabels
ulmoReleased in UlmoReleased in Ulmo
Description
Core implementation of roles and permissions.
Implements the backend system defined in the architecture phase. Depending on the chosen direction (centralized service or embedded library), the system will include the RBAC data models, permission logic, and integration with Open edX. Deliverables:
● RBAC data models, APIs, and logic
● Central service or embedded utility
● Test suite (TDD)
● ADRs for implementation decisions
● Developer integration documentation
Based on the user stories for the Libraries AuthZ MVP https://openedx.atlassian.net/wiki/spaces/OEPM/pages/5209980941/Scope+of+the+implementation+for+the+AuthZ+MVP+as+a+whole#User-stories-(flows)-we-are-going-to-cover these are the needs:
| User Story | Core Back Requirement |
|---|---|
| #46 | Method and endpoint to obtain all the users who have permissions over a resource (paginated) |
| #50 | Extend the method and endpoint to filter and sort the users who have permissions over a resource. |
| #48 | Method to obtain the role and its permission by user |
| #51 | Method and endpoint to obtain the available roles, their description, and their permissions categorized (the description could live in the app and the categorization too) |
| #53 | Aggregate the number of members of each role |
| #47 | CRUD over the assignments |
| #45 | CRUD over the assignments |
| #54 | CRUD over the assignments |
| #52 | Ask if it is related to allow_public_read openedx/frontend-app-authoring#1342 (Related to manage access and mfe communication with the apis: https://openedx.atlassian.net/wiki/spaces/OEPM/pages/5210112002/Open+edX+AuthZ+Framework+Long-Term+Vision?focusedCommentId=5229641738 ) |
Roadmap
- Create a solid model.conf to test Casbin with a use case close to what we'll implement.
- Build engine utilities for the Casbin-based authorization engine. This includes enforcers, adapters, matchers, and other Casbin-specific tools needed for our APIs.
- Develop APIs as the main interface to be used by services and our own REST APIs (this is our api.py).
- Add REST APIs which consume our api.py.
- API methods needed
- CRUD over the assignments (grants)
- Method and endpoint to obtain all the users who have permissions over a resource.
- Be able to filter and sort them
- Method and endpoint to obtain the available roles, their description, and their permissions.
- API methods needed
Reactions are currently unavailable
Sub-issues
Metadata
Metadata
Assignees
Labels
ulmoReleased in UlmoReleased in Ulmo
Type
Projects
Status
Done