search

openshiftio / openshift.io

Red Hat OpenShift.io is an end-to-end development environment for planning, building and deploying modern applications.
https://openshift.io
97 stars 66 forks source link

Need API to know which spaces a user is a collaborator #1630

Open dlabrecq opened 6 years ago

dlabrecq commented 6 years ago

I'm in the process of implementing the UXD design below for the my spaces page. https://redhat.invisionapp.com/share/DQDSL22JA#/screens/261389228

There is no API we can use to show which spaces the user is a collaborator. Unfortunately, we have to omit this feature from the new my spaces page.

joshuawilson commented 6 years ago

@aslakknutsen do we have an api for this?

alexeykazakov commented 6 years ago

No we don't. Yet.

joshuawilson commented 6 years ago

This api will be used to know if you are a collaborator on a space.

  1. Based on that you should be able to leave the space and stop being a collaborator.
  2. You should also be able to filter the list of spaces to show only those that you own or are a collaborator on

Does the current API support these use cases?

alexeykazakov commented 6 years ago

What we have now:

  1. GET /api/space/:spaceID/collaborators - list collaborators of the space
  2. POST /api/space/:spaceID/collaborators/:userID - add collaborator
  3. DELETE /api/space/:spaceID/collaborators/:userID - delete collaborator

That's it. New API will provide endpoints for checking if user is a collaborator for particular space and for getting the list of spaces where user is a collaborator.

And btw, #2 from the list above could actually be used for checking if user is a collaborator in the space or not even now. If it returns 403 then user is not a collaborator.

sbryzak commented 6 years ago

Is "collaborator" the only useful scope to query for, or should we be providing a more generic api in which you can query the resources for which the user has any specified scope?

joshuawilson commented 6 years ago

I think a generic one that covers everything would work. For more details see #1849.

qodfathr commented 6 years ago

With the advent of the proposal for the new Permission model (#2068), this is likely going to become a more interesting problem to solve. There will no longer be a a first-class concept of "contributor" in OpenShift.io. Rather, you'll be a user who may have certain Permissions in certain Spaces. So I think this query needs to consider two factors:

Note that I'm using the word "Collaboration" loosely here, because there may be Spaces in which I have an explicit Allow permission in which I am effectively a "read only" user. Some would argue that means I'm something less than a collaborator.

The reason I emphasized explicitly on the last bullet is because Spaces will often grant non-explicit permissions to users. For example, an open-source project grants Reader-type rights to everyone; it does not need to explicitly grant a right to every individual user to do so. In fact, it will likely grant that right to Anonymous/non-authenticated users. However, if, for some reason, that Space explicitly granted me Reader access, the Space would show up on my "Collaboration" list, even though, technically, I do not have any additional rights beyond an non-authenticated user. Of course if the Space were to remove Reader rights from non-authenticated users, I'd still have my Reader right.