Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement access control #22

Open
uniqueg opened this issue Nov 7, 2022 · 0 comments
Open

Implement access control #22

uniqueg opened this issue Nov 7, 2022 · 0 comments
Assignees
Labels

Comments

@uniqueg
Copy link
Member

uniqueg commented Nov 7, 2022

FOCA now adds support for Casbin-based access control on the development branch. Configure access control for the ELIXIR Cloud Registry in the following way:

  • Anyone has read permissions (i.e., they can access all GET endpoints)
  • Any authenticated user can create (POST) resources (i.e., add services); they may be able to use PUT as well, as long as a resource with that ID does not yet exist
  • After creating a resource, a user becomes a resource Owner
  • Resource Owners can edit (PUT) and delete (DELETE) existing resources
  • Resource Owners can change the permissions of other others: in particular, they can make other users Owners or Maintainers
  • Resource Maintainers can edit (PUT) but not delete (DELETE) existing resources
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
Status: In Progress
Development

No branches or pull requests

2 participants