This epic captures the work to improve the existing Gitpod Authorization and enable the capability to support fine grained authorization.
Context
Historically, the authorization model of gitpod is modelled around users and their team membership. In order to support Gitpod admins with finer-grained permissions, we also need to improve on our existing system.
Value
The Authorization Model is central to Gitpod operations. Without it, we cannot answer questions such as:
Does user X, have the ability to list workspaces of all members in a team?
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Summary
This epic captures the work to improve the existing Gitpod Authorization and enable the capability to support fine grained authorization.
Context
Historically, the authorization model of gitpod is modelled around users and their team membership. In order to support Gitpod admins with finer-grained permissions, we also need to improve on our existing system.
Value
The Authorization Model is central to Gitpod operations. Without it, we cannot answer questions such as:
Tasks
Initial setup
Populating SpiceDB