User personas MVC

Problem to solve

A user on .com has a single account of which they retain 100% ownership. The user has various relationships with organizations/groups, some of which want to make claim to partial/full ownership of the user's account, and its relationships with resources.

This is the crux of the problem in bringing Enterprise self managed installs over to .com

Intended users

  • Everyone with a .com account.
  • People that work within .com
  • Managers of people within .com

User experience goal

Automatic persona switching based on namespace.

  1. In the morning I visit open source project https://gitlab.com/mailman/mailman with my personal account
  2. When I get to work I visit /super-secret-co/secret-project
  3. I am prompted I don't have access, "click the SSO login to continue"
  4. Authorized through super-secret-co SSO
  5. Auto logged out of personal account
  6. Go home, visit /mailman/mailman
  7. I am prompted "logged in persona is restricted to /super-secret-co"
  8. I logout of my super-secret-co persona, and login to my .com persona

Proposal

  1. Introduce an Organization entity where we can offload some existing features that only apply to top level groups.
  2. Modify the auth pathway to integrate namespace, personas, and namespace policies
  3. Automatically switch persona (account switching) based on context

Screen_Shot_2020-05-22_at_10.32.48_am

Further details

This effort was decided after a meeting between @mushakov @jeremy @dblessing @alexpooley

Some use cases:

  • Acme co wants joe.smith to use their acme.co email address
  • Acme co wants joe to rename his account from "Furious D", to his full name "Joe Theodore Smith"
  • Acme co wants joe.smith to exist exclusively within /acme-co namespace
  • Acme co wants a complete audit trail of joe.smith activity

Permissions and Security

  • We will remain compatible with the existing security model
  • We will extend the model to incorporate persona in place of user for some contexts
  • Organization will receive permissions similar to Groups but will exhibit some power over persona sessions

Documentation

Availability & Testing

What does success look like, and how can we measure that?

Organization can enforce that a persona will only exist within their namespace.

What is the type of buyer?

Enterprise. Ultimate.

Is this a cross-stage feature?

Links / references

/cc @lmcandrew @jrreid

Edited by Alex Pooley