Permissions System Improvements #3845
Comments
I couldn't find any doco on how the permissions are supposed to work, or what permissions imply others etc. From the UI, here's some examples:
I see now I misunderstood. Still, I guess that implies some docs are needed for UserView and other permissions.
Empty groups and their impacts: this is a complex scenario. We've had bugs related to empty groups and what people can do; it would be good for that part of permissions not to be fragile or confusing. Related customer report here: https://help.octopusdeploy.com/discussions/problems/64481#comment_44233830 Empty project groups can cause confusion, and make people think permission scoping is working as expected.
Example of confusion listing permissions when by Projects (/Groups): Summary: User had
Closing: we have newer issues / Trello cards to cover specific requirements not already handled in 2019.1.0
The permission system code has become difficult to manage, and would benefit from an overhaul.
Considerations
Complexity examples:
Implied / Extending Permissions
UserInvite and who it's granted to. This one resulted in a CVE as it was deemed a permission escalation: Further restrict UserInvite action to those with TeamEdit and TeamCreate permissions #3864
Going Forward
Permissions computed server side
This calculation impacts the set of API actions delivered to the requester. Example: the Links collection would not contain the resource/{id}/delete action if the requester didn't have the delete permission.
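The server-side computation described in the issue body, as an added example that is not Octopus Deploy's code: permissions are expanded over an implication table, scoped grants are resolved against a project's group, and the Links collection only carries actions whose required permissions are all held. The UserInvite rule (TeamEdit and TeamCreate both required) comes from the issue; the other permission names, the implication table, the URL shapes, the scoping rule and the sample users are assumptions. It also includes a check for a grant whose scope matches no project, the "empty group" confusion the comments mention.

```python
# Added example (not Octopus Deploy's code): server-side evaluation of which
# hypermedia Links a response carries, over a small hypothetical permission model.
from dataclasses import dataclass

# Hypothetical implication table: holding the key permission also grants the values.
IMPLIED = {
    "TeamEdit": {"TeamView"},
    "ProjectEdit": {"ProjectView"},
    "ProjectDelete": {"ProjectView"},
}

# Permissions each action needs (ALL listed must be held). The "invite" row
# mirrors the restriction named in the issue; the other rows are assumptions.
REQUIRED = {
    "self": {"ProjectView"},
    "edit": {"ProjectEdit"},
    "delete": {"ProjectDelete"},
    "invite": {"TeamEdit", "TeamCreate"},
}


def expand(granted):
    """Transitive closure over IMPLIED, so no caller checks implications by hand."""
    result, frontier = set(granted), list(granted)
    while frontier:
        for implied in IMPLIED.get(frontier.pop(), ()):
            if implied not in result:
                result.add(implied)
                frontier.append(implied)
    return frozenset(result)


@dataclass(frozen=True)
class Grant:
    permission: str
    project_groups: frozenset = frozenset()  # empty: unscoped, applies to every project


@dataclass(frozen=True)
class Project:
    id: str
    group: str


def effective(grants, project):
    """Permissions held on `project`: unscoped grants plus grants whose scope names
    the project's group, closed over implications (hypothetical scoping rule)."""
    direct = {g.permission for g in grants
              if not g.project_groups or project.group in g.project_groups}
    return expand(direct)


def links_for(project, grants):
    """Build the Links collection server side: an action is present only when every
    permission it requires is held, so the client never sees a link it cannot use."""
    held = effective(grants, project)
    base = f"/api/projects/{project.id}"
    return {action: (base if action == "self" else f"{base}/{action}")
            for action, needed in REQUIRED.items() if needed <= held}


def scope_is_inert(grant, projects):
    """True when a scoped grant matches none of the known projects: the scope points
    at empty groups, so the grant silently does nothing. Worth surfacing in a UI."""
    return bool(grant.project_groups) and not any(
        p.group in grant.project_groups for p in projects)


# Constructed sample data.
P1 = Project("Projects-1", "web")
P2 = Project("Projects-2", "ops")
PROJECTS = [P1, P2]
ALICE = [Grant("ProjectDelete", frozenset({"web"})), Grant("ProjectEdit"), Grant("TeamEdit")]
BOB = [Grant("TeamEdit"), Grant("TeamCreate")]
LEGACY_ONLY = Grant("ProjectDelete", frozenset({"legacy"}))  # group with no projects

if __name__ == "__main__":
    for who, grants in (("alice", ALICE), ("bob", BOB)):
        for project in PROJECTS:
            print(who, project.id, sorted(links_for(project, grants)))
    print("inert scope:", scope_is_inert(LEGACY_ONLY, PROJECTS))
```

Alice's delete link appears on Projects-1 but not on Projects-2 because her ProjectDelete grant is scoped to the web group; Bob gets only the invite link, since TeamEdit and TeamCreate together satisfy that rule but nothing grants him ProjectView. The LEGACY_ONLY grant is reported as inert, which is the case the comments describe as looking like scoping works when in fact the grant applies to nothing.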