-
Notifications
You must be signed in to change notification settings - Fork 243
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User/Pipeline Permissions #25
Comments
Welcome @rmb938. Thanks a lot for your feedback. You are absolutely right! We need this definitively! If someone wants to pick up a challenge and wants to contribute: Welcome! |
IdeaSummaryAny software that allows user based authentication generally has a permission system. This is to allow granular access to specific resources. Gaia requires something like this so that we can control what users can do throughout the tool. I believe a simple policy based permission system (think simplified AWS IAM) would be a good solution. Concept
Example features/resourcesResources would be categorised into areas such as 'Pipeline' or 'Secret'
I expect we may eventually have more granular permissions that aren't just Create/Delete/Modify. That's why I have avoided just having Read/Write. We can also expand upon this to allow users specific access to certain resources. What do you guys think? Willing to jump on this 👍 |
@speza In my opinion that is exactly what we need! 😄
I think this is quite important, too. I often used this in jenkins and it would be awesome to have this in Gaia. I think we can also add this later in another PR but we should keep this in mind when we work now on the authorization system. Looking forward to see some work here from you! 🤗 |
In a multi-user environment it would be nice to have user permissions.
i.e only the admin can add/remove users.
It would also be useful to have pipeline permissions so the viewing/modification/triggering of a pipeline can be limited to a specific user or group of users.
This would also allow easy integration into SSO (single sign on) systems like OpenID Connect.
The text was updated successfully, but these errors were encountered: