Technical Discovery for Custom Permissions MVC
Purpose
The purpose of this issue is to try to eliminate unknowns about technical constraints that may exist when we go to tackle our MVC for customizable roles and permissions.
MVC Definition
The MVC has 2 parts:
-
Existing Permissions table is currently static. This will be updated to be dynamically generated by code, leaving the code as the SSOT for Permissions.
-
Users can create a new role that uses
Guest
as a template. The only customizable permission isdownload source code
(enabled or not). Ideally, this would beview source code
only, but we are reliant on groupsource code splitting view and download into 2 permissions first. Depending on LoE, we can make this API only to start with.
#350192 (closed)
Designs:Deliverable For This Issue
- Technical task breakdown, complete with weight, to complete the MVC above.
- Any areas where we could compromise on the MVC definition to deliver more quickly
- Any areas we absolutely cannot/should not compromise
- Technical constraints - an understanding of if entire underlying permissions architecture will need to be changed, and timeline for how this wilneed to be done (ex: will all architecture need to be done before we can start delivering user value?
Edited by Hannah Sutor