Implement rbac permissions for multi tenants - #2663
Ticket(s) / Related Merge Requests
Summary of Changes
Implements RBAC for multi tenants to assign roles and permissions
Testing Considerations
Queries:
query {
allRoles {
id
name
permissions
}
allPermissions
assignedRoles {
id
name
permissions
}
assignedPermissions
}
Response:
{
"data": {
"allRoles": [
{
"id": 0,
"name": "OWNER",
"permissions": [
"CAN_ASSIGN_PERMISSIONS",
"CAN_UPLOAD_VIDEO"
]
},
{
"id": 1,
"name": "ADMIN",
"permissions": [
"CAN_BOOST"
]
},
{
"id": 2,
"name": "MODERATOR",
"permissions": [
"CAN_CREATE_POST",
"CAN_COMMENT",
"CAN_CREATE_GROUP",
"CAN_UPLOAD_VIDEO",
"CAN_INTERACT",
"CAN_BOOST"
]
},
{
"id": 3,
"name": "VERIFIED",
"permissions": [
"CAN_CREATE_POST",
"CAN_COMMENT",
"CAN_CREATE_GROUP",
"CAN_UPLOAD_VIDEO",
"CAN_INTERACT",
"CAN_BOOST"
]
},
{
"id": 4,
"name": "DEFAULT",
"permissions": [
"CAN_CREATE_POST"
]
}
],
"allPermissions": [
"CAN_CREATE_POST",
"CAN_UPLOAD_VIDEO",
"CAN_COMMENT",
"CAN_INTERACT",
"CAN_CREATE_GROUP",
"CAN_BOOST",
"CAN_ASSIGN_PERMISSIONS"
],
"assignedRoles": [
{
"id": 0,
"name": "OWNER",
"permissions": [
"CAN_ASSIGN_PERMISSIONS",
"CAN_UPLOAD_VIDEO"
]
},
{
"id": 4,
"name": "DEFAULT",
"permissions": [
"CAN_CREATE_POST"
]
}
],
"assignedPermissions": [
"CAN_ASSIGN_PERMISSIONS",
"CAN_UPLOAD_VIDEO",
"CAN_CREATE_POST"
]
}
}
Mutations:
mutation {
assignUserToRole(userGuid: "1570837478858821634", roleId:1) {
id
name
permissions
}
unassignUserFromRole(userGuid: "1570837478858821634", roleId:1)
setRolePermission(
permission: CAN_BOOST,
roleId: 1,
enabled: true
) {
permissions
}
}
Deployment Considerations
CREATE TABLE IF NOT EXISTS minds_role_permissions(
`tenant_id` int,
`permission_id` varchar(64),
`role_id` tinyint,
`created_at` timestamp DEFAULT CURRENT_TIMESTAMP(),
PRIMARY KEY (`tenant_id`, `permission_id`, `role_id`)
);
CREATE TABLE IF NOT EXISTS minds_role_user_assignments(
`tenant_id` int,
`role_id` tinyint,
`user_guid` bigint,
`created_at` timestamp DEFAULT CURRENT_TIMESTAMP(),
PRIMARY KEY (`tenant_id`, `role_id`, `user_guid`)
);
Regression Scope
Platform Affected (web, mobile, etc)
Developer Testing Completed
Screenshots / Screen Recording
Does this impact
-
Localization -
Dark/light mode -
Guest mode
Definition of Done Checklist
-
The Acceptance Criteria has been met -
Code is tested: Testing includes unit/spec, E2E/automated and manual testing -
Merge requests description has been filled out
Edited by Olivia Madrid