Closed hlminh2000 closed 3 years ago
@blabadi @ciaranschutte i checled with Minh, and this can go to QA
Yes! It's feature flagged so need an env update if you wanna test. It'll only work with the fake data cause real data doesn't have release stage yet
Would one of you be able to help moving this forward?
created this PR: https://github.com/icgc-argo/platform-api/pull/350
tests failed twice, and different tests each time, they seem flaky to me and related to the elastic search container lifecycle
the PR branch test passed but the branch tests failed, so definitely inconsistent
@hlminh2000 can we get this moved to the dev enviroment? Are there any blockers here?
failing test has been disabled in CI, latest has been released to QA. Access control is behind feature flag, so no behavior change is expected out of this release.
Detailed Description
This is to support this spec: https://wiki.oicr.on.ca/display/icgcargotech/File+Metadata+Access+Control
Possible Implementation
Use the updates from ego-token-utils above. Some pseudo-code (pending arranger investigation & implementation, please do a better job):
Conceptual, this is to achieve the following access model:
Expected Outcome
As a user, I can login and see only the data that i have permission to from an API query
To test this: