Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancement: Granular client and project permissions #480

Open
wants to merge 15 commits into
base: master
Choose a base branch
from
Open

Enhancement: Granular client and project permissions #480

wants to merge 15 commits into from

Conversation

smcgu
Copy link
Contributor

@smcgu smcgu commented Jul 15, 2024

Issue

Non-privileged accounts are unable to create clients and projects. In some organizations, there are no (project) managers that set up clients and assign projects; non-privileged users are expected to create or re-use existing clients for new projects.

Description of the Change

  • Added a "View All Clients" permission. This allows non-privileged users to view all clients in the rolodex. This does not provide the ability to add, edit, or delete clients.
  • Added create, edit, and delete permissions for clients and projects. These permissions are (currently) linked (e.g, providing the client creation privilege means that a non-privileged user has the ability to create projects on any client). These changes follow those made previously for observations and findings.
  • Modified the project list function to return only assigned project for non-privileged users, instead of all projects associated with related clients.

Alternate Designs

Separating client and project permissions would likely require implementing some form of object ownership tracking. Creating project add/edit/delete permissions could lead to unintended consequences where an admin/manager could expect that the non-privileged user would only touch assigned clients, but the API would actually allow modifications to any clients. Setting up an ownership model where a non-privileged could create a client or project, then only modify that client or project would likely necessitate tracking ownership (and allowing changing of ownership).

So, linking the two for now seemed the safest from an expectation standpoint.

Possible Drawbacks

These permissions are still somewhat broad but they are an improvement from the existing alternative of non-privileged vs privileged/admin.

Verification Process

This setup has been merged and operating on a v4.2.1 Ghostwriter install. It has not been tested against 4.2.2.

Release Notes

  • Added a "View All Clients" permission.
  • Added create, edit, and delete permissions for clients and projects.
  • Restricted the project list functionality.

smcgu added 14 commits August 20, 2024 14:11
@smcgu
black and flake8 formatting
9fbf12c
@smcgu
Implement 'enable_client_list_all' permission
a96dc6e
@smcgu
Black formatting
d950936
@smcgu
Removed client_list and select_related from non-privileged project_list
70f1096
@smcgu
Removed select_related from privileged user project list
64f6b0e
@smcgu
Implemented permissions for add, edit, and deletion of clients
e5c0c32 
- Created "Allow Listing All Clients" permission
- Created "add", "edit", and "delete" permissions for clients
- Updated GraphQL permissions for the add/edit/delete permissions
- Created a migration file for adding default values
@smcgu
Black formatting
cdd1a11
@smcgu
Update client detail page to display edit/delete dropdown for non-pri…
fda5f1e 
…vileged users
@smcgu
black and flake8: rolodex/views.py
52a1d37
@smcgu
Django changes to base project permissions on client permissions
cb5cf62
@smcgu
Updated project detail page to display edit/delete hamburger for non-…
d88f762 
…privileged users
@smcgu
Updated GraphQL for project permissions
fcfb245
@smcgu
Fix delete_permissions check for client rolodex
c283d4a
@smcgu
Additional migration for user client permissions
7456837
@smcgu smcgu force-pushed the granular-client-permissions branch from a07097f to 7456837 Compare August 30, 2024 04:13
@chrismaddalena
Copy link
Collaborator

This PR looks neglected since conversations have happened in Slack, so I'm dropping a note here that we have changes to tighten up the RBAC in #500. I'll also review the changes in this PR, but based on our Slack conversations, it doesn't cover everything (e.g., project and client invites and a front-end for them).

PR #500 should be good but needs testing and review. It's been on the back burner for a minute because the RBAC changes are significant and will require a major release (e.g., v4.4) and an advanced warning so people can prepare. Nothing breaks, but it's likely to confuse people, so we will release it as something like v4.4-rc1. I didn't want to add the RBAC changes on top of the other significant changes in v4.3.0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@smcgu @chrismaddalena