Open coury-clark opened 3 years ago
Heads up @joelkw @felixfbecker @vovakulikov @unclejustin - the "team/code-insights" label was applied to this issue.
Leaving a note that we need to check if this issue is still relevant, the API has gone through quite a few iterations at this point.
This would need to be part of larger work and require some discussions.
Currently the insights dashboard GraphQL returns some limited information about which grants are available to the dashboard
This information should be restricted based on the user context initiating the request, and filter org / user information down. However, this is incompatible with the definition for editing / creating dashboards, which requires a complete definition of
grants
available to the dashboard. Obviously, this is not possible to provide if a user doesn't have access to the complete list.We need to provide a way to edit / create dashboards without mutating the overall visibility, but still allow users with non-global access (non-admins) to mutate and edit dashboards for things they can see.