Skip to content

ref(integration-platform): limit app management to managers/owners#25458

Merged
MeredithAnya merged 3 commits into
masterfrom
integrationplatform/managers-and-owners-only
Apr 21, 2021
Merged

ref(integration-platform): limit app management to managers/owners#25458
MeredithAnya merged 3 commits into
masterfrom
integrationplatform/managers-and-owners-only

Conversation

@MeredithAnya

@MeredithAnya MeredithAnya commented Apr 20, 2021
edited
Loading

Copy link
Copy Markdown
Member

Reduces scopes for creating and updating sentry apps (either public or internal) to Managers or Owners. Because sentry apps either have access to all projects or none, Members and Admins can create integrations that have project:read or event:read scopes and can access issue data that belongs to projects they are not apart of. This is fine for organizations with open membership (as any member can choose to join any team and therefore get access), however this is a security concern for closed membership organizations.

UI Tooltips:
Same tooltip for both the Public and Internal integration buttons, just with slightly different text:

Screen Shot 2021-04-20 at 11 25 48 AM

@MeredithAnya MeredithAnya requested review from a team and manuzope April 20, 2021 18:49
scefali
scefali reviewed Apr 20, 2021
View reviewed changes

@scefali scefali left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmmm what about admins? And why are we making this change?

scefali
scefali reviewed Apr 20, 2021
View reviewed changes
Comment thread static/app/views/settings/organizationDeveloperSettings/index.tsx
scefali
scefali reviewed Apr 20, 2021
View reviewed changes
Comment thread static/app/views/settings/organizationDeveloperSettings/index.tsx Outdated
>
{t('New Internal Integration')}
</Button>
<Access organization={organization} access={['org:integrations']}>

@scefali scefali Apr 20, 2021

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@MeredithAnya If we are excluding admins, I don't think this will work since admins have the org:integrations scope.

@MeredithAnya MeredithAnya Apr 20, 2021

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

oh yeah this needs to be org:write

@MeredithAnya

MeredithAnya commented Apr 20, 2021

Copy link
Copy Markdown
Member Author

Hmmm what about admins? And why are we making this change?

@scefali updated the PR description with more context

scefali
scefali approved these changes Apr 20, 2021
View reviewed changes

@scefali scefali left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@MeredithAnya MeredithAnya merged commit 1c91cd6 into master Apr 21, 2021
@MeredithAnya MeredithAnya deleted the integrationplatform/managers-and-owners-only branch April 21, 2021 15:14
@MeredithAnya MeredithAnya mentioned this pull request Apr 21, 2021
Merged
@BYK BYK mentioned this pull request Apr 22, 2021
Closed
@github-actions github-actions Bot locked and limited conversation to collaborators May 7, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@manuzope manuzope Awaiting requested review from manuzope

1 more reviewer

@scefali scefali scefali approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MeredithAnya @scefali