More granular permissions #116

w-le · 2021-03-19T03:56:53Z

A current project utilises Zone.metadata as a store for application specific data
Non system admins using a non admin frontend app will be updating Zone.metadata.

Should we just find a new home for this kind of application specific (and often completely custom) persistent data? Or should it remain in places like zone/system metadata?
If we keep this data in zone/system metadata, then we want to allow specific users or groups to be able to edit that zone.metadata (ideally even specific zone.metadata KEYS), without granting them sys_admin access

MrYuion · 2021-03-19T04:05:48Z

@w-le, metadata is already standalone technically, though it is normally associated with a zone/system.

caspiano · 2021-09-16T02:53:13Z

Closed by #169

caspiano · 2021-09-16T02:54:50Z

@w-le We can now issue scopes based on controllers.
For this case, you can issue zones.read.

@tassja Interested in your thoughts on this.

tassja · 2021-09-16T03:28:08Z

It looks like they would need to edit? so zones.write ?

w-le added the enhancement label Mar 19, 2021

kimburgess added type: enhancement new feature or request and removed enhancement labels Mar 30, 2021

caspiano added the priority: medium label Apr 22, 2021

caspiano assigned caspiano and stakach Apr 27, 2021

caspiano removed their assignment Jul 16, 2021

caspiano assigned tassja Sep 16, 2021

caspiano closed this as completed Sep 16, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

More granular permissions #116

More granular permissions #116

w-le commented Mar 19, 2021

MrYuion commented Mar 19, 2021

caspiano commented Sep 16, 2021

caspiano commented Sep 16, 2021

tassja commented Sep 16, 2021

More granular permissions #116

More granular permissions #116

Comments

w-le commented Mar 19, 2021

MrYuion commented Mar 19, 2021

caspiano commented Sep 16, 2021

caspiano commented Sep 16, 2021

tassja commented Sep 16, 2021