Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add RBAC to teams API #295

Closed
javihernandez opened this issue May 22, 2024 · 0 comments · Fixed by AlmaLinux/albs-web-server#883
Closed

Add RBAC to teams API #295

javihernandez opened this issue May 22, 2024 · 0 comments · Fixed by AlmaLinux/albs-web-server#883
Assignees
@amizhen
Labels
good first issue Good for newcomers
Milestone
Building custom p...

Comments

@javihernandez
Copy link
Member

javihernandez commented May 22, 2024
edited
Loading

Steps to reproduce:

  • Create a new product
  • Try adding a new member using the UI

Expected behavior: The user is added to the team/product
Current behavior: Trying to add a new member results in an 404: Forbidden error

UPDATE:
The problem is that only superusers are allowed to add/remove users, see https://github.com/AlmaLinux/albs-web-server/blob/master/alws/routers/teams.py#L21. For this reason, we should add RBAC to teams API.

AC:

  • Any active user is able to create a product/team
  • A team manager can add and remove users from teams
  • Only team managers can remove a product/team
  • As always, superusers are allowed to perform any action on teams
@javihernandez javihernandez changed the title Can't add members to my own product Add RBAC to teams API May 23, 2024
@javihernandez javihernandez added the good first issue Good for newcomers label May 23, 2024
@amizhen amizhen self-assigned this Jun 13, 2024
amizhen added a commit to amizhen/albs-web-server that referenced this issue Jul 1, 2024
@amizhen
Add RBAC to teams API : 295
9241287 
Resolves: AlmaLinux/build-system#295
* Anyone can now create teams/products, fixed unexpected 404 error during creation
* Team router dependency switched from get_current_super_user to get_current_user
* can_perform checks added to endpoints, updated routers to pass user
@amizhen amizhen mentioned this issue Jul 1, 2024
Merged
amizhen added a commit to amizhen/albs-web-server that referenced this issue Jul 1, 2024
@amizhen
Add RBAC to teams API : 295
df48c7c 
Resolves: AlmaLinux/build-system#295
* Anyone can now create teams/products, fixed 404 error during creation
* Team router dependency switched from super user to get_current_user
* can_perform checks added to endpoints, updated routers to pass user
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amizhen amizhen

Labels
good first issue Good for newcomers
Projects
AlmaLinux Build System
Archived in project
Milestone
Building custom products
Development

Successfully merging a pull request may close this issue.

Add RBAC to teams API : 295 amizhen/albs-web-server
2 participants
@javihernandez @amizhen