You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We want to allow certain users to see what normal accounts can see.
Use case: Our customer is the supplier to a bunch of other (client) accounts on the server. They should have read-only access to some accounts. At least this is the first step. So they can oversee what happens, for instance for servicing questions and problems.
One easy way for this to happen is giving the account an account-role <client>-watcher or similar. If this role is present, our central auth policy (see e.g. #200) should wave them through if the permission is "read".
This is not thought-through sufficiently yet.
For instance, what if some of the super-account's users deal with one group of client accounts, some with others?
The text was updated successfully, but these errors were encountered:
We want to allow certain users to see what normal accounts can see.
Use case: Our customer is the supplier to a bunch of other (client) accounts on the server. They should have read-only access to some accounts. At least this is the first step. So they can oversee what happens, for instance for servicing questions and problems.
One easy way for this to happen is giving the account an account-role
<client>-watcher
or similar. If this role is present, our central auth policy (see e.g. #200) should wave them through if the permission is "read".This is not thought-through sufficiently yet.
For instance, what if some of the super-account's users deal with one group of client accounts, some with others?
The text was updated successfully, but these errors were encountered: