Open maxceem opened 4 years ago
Both needs separate scopes. for timelines remove projects-
i.e. all:timelines
and so on. There some other application for timelines in system which I think is in progress but I am not sure if they are using m2m scopes or not or if they use the term timeline
at all. So, for now, use xxx:timelines
and in case we find it conflicting with some existing scope, we can get it renamed.
Previously we've implemented support for M2M scopes and unified permission rules for some part of endpoints via PR https://github.com/topcoder-platform/tc-project-service/pull/555 and PR https://github.com/topcoder-platform/tc-project-service/pull/571
We have to apply the same approach for the rest of the endpoints.
Questions
Should we add a separate scope for Timelines? Like:
all:projects-timelines
write:projects-timelines
read:projects-timelines
or use the same scopes as for projects?
Should we add a separate scope for all the metadata? Like:
all:projects-metadata
write:projects-metadata
read:projects-metadata
or use the same scopes as for projects?
cc @vikasrohit