search

topcoder-platform / tc-project-service

16 stars 55 forks source link

Support standard M2M scopes - part 3 #568

Open maxceem opened 4 years ago

maxceem commented 4 years ago

Previously we've implemented support for M2M scopes and unified permission rules for some part of endpoints via PR https://github.com/topcoder-platform/tc-project-service/pull/555 and PR https://github.com/topcoder-platform/tc-project-service/pull/571

We have to apply the same approach for the rest of the endpoints.

Questions

  1. Should we add a separate scope for Timelines? Like:

    • all:projects-timelines
    • write:projects-timelines
    • read:projects-timelines

    or use the same scopes as for projects?

  2. Should we add a separate scope for all the metadata? Like:

    • all:projects-metadata
    • write:projects-metadata
    • read:projects-metadata

    or use the same scopes as for projects?

cc @vikasrohit

vikasrohit commented 4 years ago

Both needs separate scopes. for timelines remove projects- i.e. all:timelines and so on. There some other application for timelines in system which I think is in progress but I am not sure if they are using m2m scopes or not or if they use the term timeline at all. So, for now, use xxx:timelines and in case we find it conflicting with some existing scope, we can get it renamed.