Allow only administrators to add APIs to a deployment

[bajiat]

The point to limit that anyone can't add any kind of API can be in other way also: To limit only Admin to be able to add API.

Definition of done

• There is a setting where admins can select that only admins can add APIs in this deployment.
• When admin has selected this admin only setting
  • The link to Add API is not visible to other type of users than admins.
  • Other users than admins don't have insert privileges on the APIs collection.

Wireframe

One more suggestion if there are future needs to implement more privileges based on user roles.
There can be a separate module named "User Role and Privileges"
This view would contain access privileges to different APINF users (Admin, API Owner, API Consumer) as radio buttons.
N - non accessible
R - Only view mode
W - View and Edit

Once a new privilege is introduced, this can be added in all three role panes.

[bajiat]

@frenchbread Would you be interested in this task?

[frenchbread]

@bajiat self-assigned

[Nazarah]

@frenchbread : (from rocket chat, based on your sample wireframe)

Rename the header as "Access to API"

I think that in upcoming times, there would be other access privileges specific to roles.
So should any privilege for a role can be selected with radio buttons? with N - NONE, R - READ and W - WRITE accesses?
this could be added as a separate view called Role Privileges under Settings

[Nazarah]

@frenchbread wireframes added as you suggested.
Also added the wireframe to arrange privileges specific to user roles.

[bajiat]

@Nazarah Let's keep this simple for starters. So let's only do the simple setting now (first wireframe). I would rename it: "Access to API" to "Adding APIs" or "Publishing APIs"

The second wireframe we would consider later. For clarity, I would not include it in this issue. (Also, I do not understand the combination "Adding an API" and Read privilege.)