Pilot row and field level security for READ privileges of users for three roles - Githubissues

hackforla / peopledepot

A project to setup a datastore for people and projects at HackforLA. The link below takes you to the code documentation

https://hackforla.github.io/peopledepot/

GNU General Public License v2.0

5 stars 24 forks source link

Pilot row and field level security for READ privileges of users for three roles #286

Closed ethanstrominger closed 1 week ago

ethanstrominger commented 1 month ago

Overview

We are planning on including row and field-level security for tables. The required permissions need to be tested before implementation. Row and field level READ privileges for certain fields and roles will be implemented to prove feasibility.

Details

name	test case	requirement
globalAdmin	Can view and update all user info for all users, can create new users, and can de-activate users	.Can CRUD anything
adminProject	Can view and update all user info for users assigned to the project. Can not view users not related to a project which they are assigned. Cannot update users for projects for which they are not a project admin	Can Read and Update anything related to their assigned project
memberProject	Can read basic user info for users on the same project. Cannot update information.	Can Read anything related to their project that is visible

Action Items

implement code needed for FLS (tables, possibly models)
test Practice Lead project
[ ] create test cases for FLS

Resources/Instructions

Use cases and tests for FLS feasibility: https://github.com/hackforla/peopledepot/issues/150#issuecomment-2043688312
Tables and test data

ExperimentsInHonesty commented 1 month ago

Bonnie's comments moved to https://github.com/hackforla/peopledepot/issues/298