In the current setup, every user has access to every modules and every action.
We need to:
Allow a user to have one or multiple roles
The roles should be something like "Admin", "Viewer", "Warehouse Manager", etc,
An admin should be able to create, update or delete a role dynamically using API. --- UI - Future scope when we implement and admin portal
An admin should be able to assign a role to one or multiple users individually or in bulk
We need to define a set of permissions that dictate what actions users can perform. The actions should be linked to the modules routes. Eg: _list_farmers, get_farmer_details, edit_farmer_details, uploadfarmers, etc
Permission should be assigned to one or multiple roles
An admin should be able to create, update or delete a permission using API ---- UI - To be used on the future scope
Implement Role-Based Access Control where access is granted based on the roles assigned to the user.
Access control should be dynamic, allowing changes to roles and permissions to take effect without restarting the application and the user to logging out and logging in
The goal is to implement roles and permissions on the app for the existing users using library:
https://flask-user.readthedocs.io/en/latest/authorization.html
In the current setup, every user has access to every modules and every action. We need to: