search

ga4gh / ga4gh-server

Reference implementation of the APIs defined in ga4gh-schemas. RETIRED 2018-01-24
http://ga4gh.org
Apache License 2.0
96 stars 93 forks source link

Authorisation by datasets #473

Open jeromekelleher opened 9 years ago

jeromekelleher commented 9 years ago

Now that we have authentication via OIC, it's time to start thinking about authorisation of users to access data. A simple model is as follows:

  1. All authenticated users can access References and the index page;
  2. We specify (in our Flask configuration) a white-list of users to datasets.

We can make something more sophisticated later, but this will be enough to get us started. This issue is partially blocked by our handling of multiple dataset (which is currently poor --- see #453), and so can't be closed until this is resolved.

david4096 commented 7 years ago

A simple authorization model is presented in https://github.com/ga4gh/server/pull/1470