Open Leeingnyo opened 2 years ago
Thanks for the write-up! I like the design and agree with all points. A few comments:
mango admin
CLI tool. But this is a secondary feature and can come after what you proposed.separateOverall this looks like a big task, so maybe it will be helpful to split it into multiple smaller issues so they are easier to develop and track. If you are interested we can then each pick one or more sub-tasks to work on :)
@hkalexling Thanks for the comments!
library.allow.directory:/path/to/allow
and for tag, library.allow.tag:allowed-tag
. or, we could add a column data
to user_permissions
table instead of using :data
on permission name. Actually, since I'm the only user to use the Mango of my own server, I don't need that feature strongly anymore though 😆 BTW I think this can also cover #300
Could you explain more about that?
Oops sorry on second thought that doesn't make sense. A user should be able to change their own password regardless the of permission level. I must be drunk when writing the comment XD
We can also have separate permissions for creating/viewing/managing subscriptions. Currently only admin users have access to these
Currently, the admin permission of Mango is all-or-nothing. There are many requests for splitting admin permissions (https://github.com/getmango/Mango/issues/249, https://github.com/getmango/Mango/issues/66) (just 2?).
Current features that requires an admin permission
Features that would require an permission
If there is anything that you think it's an action that requires permission, please comment freely! Some features I listed would be questionable that they are proper to be subdivided.
Suggestion
A user whose
is_admin
istrue
has a full permission (A current behavior isn't changed), others would be checked if they have a permission to do. Permissions are represented as a string such as 'library.all' (full permission on library related), 'chapter.download' (only able to download chapters).Implementation Plan
user_permissions
table.This will be better than adding boolean columns by each permission to the user table.
AuthHandler
)Migration
go ->
create an empty
permissions
table preserve theis_admin
column<- back
drop the
permissions
table preserve theis_admin
columnUI
In user management page (admin only?) there is a permission section to see and to change permission of selected user. use the above
permission_map
to make a table.Please comment freely about this issue!