search

eHealthAfrica / direct-delivery-dashboard

Dashboard for the direct delivery management system
http://dev-dd.ehealth.org.ng/
Other
5 stars 8 forks source link

User management depends on being a CouchDB admin #169

Open tlvince opened 8 years ago

tlvince commented 8 years ago

Middleware approach https://github.com/tlvince/recliner

tlvince commented 8 years ago

Kazana/Hoodie/React approach: https://github.com/eHealthAfrica/kazana-account-app

tlvince commented 8 years ago

@gr2m's (hey Gregor! :wave:) thing https://github.com/gr2m/couchdb-user-management-app

tlvince commented 8 years ago

Bearer plugin for Hapi (use Hapi as a reverse proxy): https://github.com/eHealthAfrica/hapi-couchdb-auth-bearer-plugin

tlvince commented 8 years ago

More Hoodie bits:

tlvince commented 8 years ago

Corresponding issue for Call Centre (and GN connect): https://github.com/eHealthAfrica/sl-ebola-call-admin/issues/1026

tlvince commented 8 years ago

@jofomah do you think we can get away with having user management in a separate app? Maybe admin-dd.ehealth.org.ng?

tlvince commented 8 years ago

@janetbutts think we'll need to look at this before releasing. In short, if CouchDB's security is set up properly, then users page will not work, including for super users unless the user is a "real" CouchDB admin user. Handing out CouchDB admin credentials is a bad idea security wise. One immediate solution is to introduce a middleware layer between the app and CouchDB that proxies user management actions. Otherwise, we have a generic CouchDB user management app that could be repurposed, but would need to live on its own address e.g. admin-dd.ehealth.org.ng. (edit: this will still require giving CouchDB admin credentials to our super users).

janetbutts commented 8 years ago

@tlvince , agreed that we do not want dashboard users to also be couchdb admins. what is the effort involved with this middleware layer? is this a show stopper for the release?

tlvince commented 8 years ago

Most of the middleware service work preexists (see above), so I don't estimate more than a day of integration. However, coordination with ops for deployment may take some time, depending on their schedule.

That said, the fact that this currently works in dev suggests to me CouchDB's security has not been set up correctly. I will review and also check stage and prod.

tlvince commented 8 years ago

Working on this.

janetbutts commented 8 years ago

@tlvince, this will get tabled until the next release. for right now, we will just hide the security tab (#321).

tlvince commented 8 years ago

Un-assigning for now.