Analysis: access management and rights delegation in Studio (post MVP 01)

[AnneThorseng]

Functional architect/designer: @-mention Technical architect: @-mention

Description As a organisation admin person I need to control who can work on my services.

Issue #372 describes how access management and rights delegation will be done in MVP through basic gitea fuctionality. There might be a need for more granulated access controls, this should be investigated/discussed in more detail. E.g. if there is a need to distinguish between different operations, not just read/write on the repo.

Sketch (if relevant) (Screenshot and link to Figma, make sure your sketch is public!)

Navigation from/to (if relevant) This functionality is reached from...

Technical considerations Input (beyond tasks) on how the user story should be solved can be put here.

Acceptance criterea

• What is allowed/not allowed
• Validations
• Error messages and warnings
• ...

Tasks

• [ ] Example task
• [ ] Possible in git to separate beween test (everyone should do that) and migrate to production? E.g. contributor, release manager?
• [ ] Speak to Altinn digitalisering (Alise)
• [ ] Potential granulation of rights (create, develop different pieces, push changes, deploy to different environments?)

-[ ] Mulig: alle kan deploye til register, men kun administrator for tjenesteeier kan deploye ut derfra.

[GGunnar]

Analysis is completed and ready for review, have documented the results here: https://confluence.brreg.no/x/09qRBg Will revise the tasks after review. Issue https://github.com/Altinn/altinn-studio/issues/250 will be duplicate

[gudrunvigerustfuru]

review scheduled 25.01

[GGunnar]

Review completed today. Resulting ppt is available here https://confluence.brreg.no/x/09qRBg with updates from the meeting.

Resulted in new issues here: #947 #948 #949 #950 #951 #952 #953 The first 3 issues should be looked at first, especially #947.