search

ucd-library / pg-farm

PG Farm
0 stars 0 forks source link

Website database admin #15

Open jrmerz opened 3 months ago

jrmerz commented 3 months ago

Functionality overview:

Screenshot 2024-08-06 at 11 25 48 AM

Functional screenshots:

User view:

Screenshot 2024-08-06 at 11 31 50 AM

Table view:

Screenshot 2024-08-06 at 11 32 04 AM

Edit View:

Screenshot 2024-08-06 at 11 33 05 AM
wrenaria commented 1 month ago

@jrmerz A few questions --

1. Adding Users Can you provide some parameters on how users are added? It seems like you will need to support a mix of CAS and other. Do you need different fields for adding those different types of accounts? Like just the Kerberos username for UC Davis CAS and more fields for other? Which ones are required vs optional?

Example fields --

Do users have any power over managing their own account (like changing their password or display name, deleting their account from a database)?

2. Roles Are roles customizable, or does read + write/execute cover the user needs?

jrmerz commented 1 month ago

@wrenaria

Accounts

A CAS username is (currently) all that's required to add a user to a database. Then there are two types of (human) user accounts for a pg farm database; normal and admin. So the only fields required to create an account are:

The admin account type is allowed to:

Allowing non-cas users will be a design TODO for later (probably after launch).

Passwords are handled by CAS.

Roles

Roles are more tricky. Postgres has a role system, where you can assign access to tables/views/functions to roles and then assign roles to users. However, normal user accounts are a role as well, and can be directly assigned access to tables/views/functions. Additionally, there are A LOT of different permissions for the various database types (tables/views/functions/sequences, etc) https://www.postgresql.org/docs/current/ddl-priv.html .

My approach. PG Farm has simplified commands so an admin can think in terms of granting read or read+write access to a single table/view/function or they can grant read or read+write access to ALL objects (again tables/views/functions) in a schema (databases have multiple schemas).

It's my goal to push researchers to think of user access on the schema level, to simplify their lives. ie jrmerz has access to database my-cool-database and read access to everything in schema foo.

*A final foot note. Say I grant jrmerz read access to schema foo using the PG Farm helper method described above. If a another user adds another table to schema foo, jrmerz will not have access to the new table unless the 'grant schema access' command is run again. This is a pattern/problem, I'm hoping we can help smooth out, but I have to great thoughts how to attack as of yet.