Conversation
shikanime
force-pushed
the
pr1896
branch
2 times, most recently
from
ad94312 to
bda41e8
Compare
|
🤖 Hey ! A preview of the application is available at : https://console-pr-1896.dso.cpin-hp.numerique-interieur.fr Please be patient, deployment may take a few minutes. |
shikanime
force-pushed
the
pr1896
branch
3 times, most recently
from
9158d91 to
8035ddb
Compare
|
🤖 Hey ! The @cpn-console/shared (v1.3.0) package already exists on npm but the source code has changed, you should consider updating the package version. The version update warning should be ignored in the case of modifications that do not affect the code once it has been built, such as code formatting, etc... |
|
🤖 Hey ! The security scan report for the current pull request is available here. |
shikanime
force-pushed
the
pr1896
branch
9 times, most recently
from
d6319cc to
52cf7cf
Compare
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
shikanime
force-pushed
the
pr1896
branch
6 times, most recently
from
2d50a46 to
8afec63
Compare
shikanime
added
preview
shikanime
force-pushed
the
pr1896
branch
3 times, most recently
from
f802ff9 to
c565fda
Compare
|
Before, the use can create projects After, the user can't create any more projects but the behaviour of project mangement itself stay the same |
|
According to the ADR19, the usage of custom role can re-establish the "legacy" behaviour 
Such as 
|
|
tl;dr the user can't create any more projects, sadge for him but good for us 
|
shikanime
force-pushed
the
pr1896
branch
2 times, most recently
from
4541f00 to
594b6ba
Compare
shikanime
force-pushed
the
pr1896
branch
6 times, most recently
from
b9f7a2b to
5bf5840
Compare
|
@StephaneTrebel Enfin, tout « fonctionne », besoin d'une review ❤️ |
This changes the behaviour of admin access from a single toggle to fine-tuned permissions. The permissions hierarchy basically works as follows: Manage > ManageXXX > List. There are a few exceptions, such as the project hierarchy, in which the Manage permission from admin roles gives access to certain resources inside a project, while ManageProjects only manages the resource itself. This means that Manage acts as a sort of equivalent to sudo; it's an intermediary design choice, but it needs revising. Signed-off-by: William Phetsinorath <william.phetsinorath-open@interieur.gouv.fr> Change-Id: I07287d8d2c8fd287a9fbaefc9019f81a6a6a6964
|
1 New Issue
1 Fixed Issue
0 Accepted Issues2 participants
This changes the behaviour of admin access from a single toggle to fine-tuned permissions.
The permissions hierarchy basically works as follows: Manage > ManageXXX > List.
There are a few exceptions, such as the project hierarchy, in which the Manage permission from admin roles gives access to certain resources inside a project, while ManageProjects only manages the resource itself.
This means that Manage acts as a sort of equivalent to sudo; it's an intermediary design choice, but it needs revising.
Signed-off-by: William Phetsinorath william.phetsinorath-open@interieur.gouv.fr
Change-Id: I07287d8d2c8fd287a9fbaefc9019f81a6a6a6964