Authorize users based on DEPSEUDO privilege

statisticsnorway / dapla-dlp-pseudo-service

(De/)pseudonymization endpoints

MIT License

1 stars 0 forks source link

Authorize users based on DEPSEUDO privilege #10

Closed kschulst closed 3 years ago

kschulst commented 3 years ago

Right now authorization to depseudonymize a dataset is granted by matching the users username to a static list of trusted users configured in the dapla-pseudo-service.

Instead, the dapla-pseudo-service should check if the user has a special DEPSEUDO privilege associated with the dataset that is requested to be depseudonymized.

kschulst commented 3 years ago

The DEPSEUDO access privilege has been introduced, and the pseudo-service already supports checking access priviliges from the user-access service.