search

openpantry / open_pantry

A management system for pantry programs to help people eat healthy meals with dignity
http://www.masbia.org/pantry
MIT License
63 stars 20 forks source link

Create Admin users with control over one or more facilities #167

Open bglusman opened 6 years ago

bglusman commented 6 years ago

Currently our users are exclusively guests, authenticated via Guardian JWT links, and we use a basic auth hex module to manage admin areas of the site with a single login.

PR #161 adds multi-facility support, but adminsitration is still global. We either need to extend some users with limited admin priveleges and provide a proper login based authentication for them (while maintaining some users who do not have email etc for JWT/link based login), or make a new admin type of user managed seperately. Whoever tackles this can decide best approach, but probably using https://github.com/smpallen99/coherence or https://github.com/ueberauth/ueberauth are the two main approaches, but alternatives are welcome. I would guess slight bias toward ueberauth starting with https://github.com/ueberauth/ueberauth_identity because we already have Guardian and want that to continue working, and I beleive they are maximally interoperable, unless we create an entirely new user type, in which case Coherence may be equally easy. For now, an admin should probably have complete control of any facility they're linked to, and they shouldn't be restricted to only one facility. We also want to entirely replace the current basic auth system and create a super-admin role that can modify any facility

komizutama commented 6 years ago

I think probably a few tiers of auth.. 1) OP admin: (godlike control over all, though we probably do want to have action logging at some point. ) 2) Site Admin: (Control over stock and users at specific locations could be granted this access to multiple locations or one) 3) Volunteer/Worker: Can enable a client/family size. 4) Client: Can make orders.

komizutama commented 6 years ago

My understanding is that after enabling guardian it gets a lot easier to enable things like Google SSO which in the US is very useful since they give out free business accounts to non-profits and are thereby one of the favorite email suppliers for non-profits... makes it easy to enable permissions to people based on their agency.

bglusman commented 6 years ago

Agreed re Ueberauth (not Guardian), another good reason for that bias.

For additional tiers of auth, that's fine but let's avoid too much scope creep here, we can add followup stories (or new stories to this epic), but let's try and keep the stories well scoped and small/iterative.