Re: Role based access control discussion

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Dave Page <[email protected]>
To: Aditya Toshniwal <[email protected]>
Cc: pgadmin-hackers <[email protected]>
Subject: Re: Role based access control discussion
Date: Thu, 13 Mar 2025 10:06:06 +0000
Message-ID: <CA+OCxowN3uKQLWTf6F1j7_Zo_72CVj+jue4XjOdnRp3LHxH7Qw@mail.gmail.com> (raw)
In-Reply-To: <CAM9w-_n9sUD1i_qzfowp5=CS0voUnmcGX-UeK8pZ5k3+xuHtLQ@mail.gmail.com>
References: <CAM9w-_n9sUD1i_qzfowp5=CS0voUnmcGX-UeK8pZ5k3+xuHtLQ@mail.gmail.com>

Hi

On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
[email protected]> wrote:

> Hi Hackers,
>
> I have started looking into a feature where users have requested for
> custom roles. The roles can then be assigned permissions. Here's what I
> think how it can be done:
>
>    1. Create a framework for roles based access control.
>    2. Allow adding/editing/deleting roles from UI.
>    3. User management dialog can be converted to a tab to get extra space
>    for other stuff.
>    4. pgAdmin can have some predefined permissions. The permissions can
>    then be used to validate at the API levels and UI.
>    5. New permissions cannot be added from UI as it will require code
>    changes. They can be added based on user requests.
>    6. Admin can allow these permissions to the roles and roles can be
>    assigned to users.
>    7. Permissions will be used to
>    8. Admin role remains static with no changes allowed.
>
> Let me know your thoughts on this. If everything looks good then I will
> proceed.
>

What permissions would we support initially?

-- 
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected]
  Subject: Re: Role based access control discussion
  In-Reply-To: <CA+OCxowN3uKQLWTf6F1j7_Zo_72CVj+jue4XjOdnRp3LHxH7Qw@mail.gmail.com>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox