public inbox for [email protected]
help / color / mirror / Atom feedRole based access control discussion
15+ messages / 2 participants
[nested] [flat]
* Role based access control discussion
@ 2025-03-13 06:16 Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-13 06:16 UTC (permalink / raw)
To: pgadmin-hackers
Hi Hackers,
I have started looking into a feature where users have requested for custom
roles. The roles can then be assigned permissions. Here's what I think how
it can be done:
1. Create a framework for roles based access control.
2. Allow adding/editing/deleting roles from UI.
3. User management dialog can be converted to a tab to get extra space
for other stuff.
4. pgAdmin can have some predefined permissions. The permissions can
then be used to validate at the API levels and UI.
5. New permissions cannot be added from UI as it will require code
changes. They can be added based on user requests.
6. Admin can allow these permissions to the roles and roles can be
assigned to users.
7. Permissions will be used to
8. Admin role remains static with no changes allowed.
Let me know your thoughts on this. If everything looks good then I will
proceed.
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-13 10:06 ` Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-13 10:06 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
Hi
On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
[email protected]> wrote:
> Hi Hackers,
>
> I have started looking into a feature where users have requested for
> custom roles. The roles can then be assigned permissions. Here's what I
> think how it can be done:
>
> 1. Create a framework for roles based access control.
> 2. Allow adding/editing/deleting roles from UI.
> 3. User management dialog can be converted to a tab to get extra space
> for other stuff.
> 4. pgAdmin can have some predefined permissions. The permissions can
> then be used to validate at the API levels and UI.
> 5. New permissions cannot be added from UI as it will require code
> changes. They can be added based on user requests.
> 6. Admin can allow these permissions to the roles and roles can be
> assigned to users.
> 7. Permissions will be used to
> 8. Admin role remains static with no changes allowed.
>
> Let me know your thoughts on this. If everything looks good then I will
> proceed.
>
What permissions would we support initially?
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-13 10:25 ` Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-13 10:25 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
Hi Dave,
On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
> Hi
>
> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
> [email protected]> wrote:
>
>> Hi Hackers,
>>
>> I have started looking into a feature where users have requested for
>> custom roles. The roles can then be assigned permissions. Here's what I
>> think how it can be done:
>>
>> 1. Create a framework for roles based access control.
>> 2. Allow adding/editing/deleting roles from UI.
>> 3. User management dialog can be converted to a tab to get extra
>> space for other stuff.
>> 4. pgAdmin can have some predefined permissions. The permissions can
>> then be used to validate at the API levels and UI.
>> 5. New permissions cannot be added from UI as it will require code
>> changes. They can be added based on user requests.
>> 6. Admin can allow these permissions to the roles and roles can be
>> assigned to users.
>> 7. Permissions will be used to
>> 8. Admin role remains static with no changes allowed.
>>
>> Let me know your thoughts on this. If everything looks good then I will
>> proceed.
>>
>
> What permissions would we support initially?
>
Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can start
with not allowing users to register a server. We'll start 1 or 2 may be,
the intention is to create a framework which will allow us to keep adding
permissions on future requests.
>
> --
> Dave Page
> pgAdmin: https://www.pgadmin.org
> PostgreSQL: https://www.postgresql.org
> pgEdge: https://www.pgedge.com
>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-13 10:57 ` Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-13 10:57 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
[email protected]> wrote:
> Hi Dave,
>
> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>
>> Hi
>>
>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>> Hi Hackers,
>>>
>>> I have started looking into a feature where users have requested for
>>> custom roles. The roles can then be assigned permissions. Here's what I
>>> think how it can be done:
>>>
>>> 1. Create a framework for roles based access control.
>>> 2. Allow adding/editing/deleting roles from UI.
>>> 3. User management dialog can be converted to a tab to get extra
>>> space for other stuff.
>>> 4. pgAdmin can have some predefined permissions. The permissions can
>>> then be used to validate at the API levels and UI.
>>> 5. New permissions cannot be added from UI as it will require code
>>> changes. They can be added based on user requests.
>>> 6. Admin can allow these permissions to the roles and roles can be
>>> assigned to users.
>>> 7. Permissions will be used to
>>> 8. Admin role remains static with no changes allowed.
>>>
>>> Let me know your thoughts on this. If everything looks good then I will
>>> proceed.
>>>
>>
>> What permissions would we support initially?
>>
>
> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
> start with not allowing users to register a server. We'll start 1 or 2 may
> be, the intention is to create a framework which will allow us to keep
> adding permissions on future requests.
>
The reason I ask is that there's no point in creating a framework if we
just end up with a single permission for adding/removing servers. I think
it makes sense to be sure there are likely to be other permissions before
committing to something likely to be a lot more complex than just adding an
attribute to a user.
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-13 11:07 ` Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-13 11:07 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
Hi Dave,
On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>
>
> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
> [email protected]> wrote:
>
>> Hi Dave,
>>
>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>
>>> Hi
>>>
>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>> Hi Hackers,
>>>>
>>>> I have started looking into a feature where users have requested for
>>>> custom roles. The roles can then be assigned permissions. Here's what I
>>>> think how it can be done:
>>>>
>>>> 1. Create a framework for roles based access control.
>>>> 2. Allow adding/editing/deleting roles from UI.
>>>> 3. User management dialog can be converted to a tab to get extra
>>>> space for other stuff.
>>>> 4. pgAdmin can have some predefined permissions. The permissions
>>>> can then be used to validate at the API levels and UI.
>>>> 5. New permissions cannot be added from UI as it will require code
>>>> changes. They can be added based on user requests.
>>>> 6. Admin can allow these permissions to the roles and roles can be
>>>> assigned to users.
>>>> 7. Permissions will be used to
>>>> 8. Admin role remains static with no changes allowed.
>>>>
>>>> Let me know your thoughts on this. If everything looks good then I will
>>>> proceed.
>>>>
>>>
>>> What permissions would we support initially?
>>>
>>
>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
>> start with not allowing users to register a server. We'll start 1 or 2 may
>> be, the intention is to create a framework which will allow us to keep
>> adding permissions on future requests.
>>
>
> The reason I ask is that there's no point in creating a framework if we
> just end up with a single permission for adding/removing servers. I think
> it makes sense to be sure there are likely to be other permissions before
> committing to something likely to be a lot more complex than just adding an
> attribute to a user.
>
I understand, but there have been many user requests for custom roles. I
agree that adding a complex thing like RBAC just for one single permission
is an overkill. But based on my past experience - users will come up with
more permissions once they see that they can tweak the permissions now.
What do you suggest we can do?
>
> --
> Dave Page
> pgAdmin: https://www.pgadmin.org
> PostgreSQL: https://www.postgresql.org
> pgEdge: https://www.pgedge.com
>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-13 11:24 ` Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-13 11:24 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
[email protected]> wrote:
> Hi Dave,
>
> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>
>>
>>
>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>> Hi Dave,
>>>
>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>>
>>>> Hi
>>>>
>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Hackers,
>>>>>
>>>>> I have started looking into a feature where users have requested for
>>>>> custom roles. The roles can then be assigned permissions. Here's what I
>>>>> think how it can be done:
>>>>>
>>>>> 1. Create a framework for roles based access control.
>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>> 3. User management dialog can be converted to a tab to get extra
>>>>> space for other stuff.
>>>>> 4. pgAdmin can have some predefined permissions. The permissions
>>>>> can then be used to validate at the API levels and UI.
>>>>> 5. New permissions cannot be added from UI as it will require code
>>>>> changes. They can be added based on user requests.
>>>>> 6. Admin can allow these permissions to the roles and roles can be
>>>>> assigned to users.
>>>>> 7. Permissions will be used to
>>>>> 8. Admin role remains static with no changes allowed.
>>>>>
>>>>> Let me know your thoughts on this. If everything looks good then I
>>>>> will proceed.
>>>>>
>>>>
>>>> What permissions would we support initially?
>>>>
>>>
>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
>>> start with not allowing users to register a server. We'll start 1 or 2 may
>>> be, the intention is to create a framework which will allow us to keep
>>> adding permissions on future requests.
>>>
>>
>> The reason I ask is that there's no point in creating a framework if we
>> just end up with a single permission for adding/removing servers. I think
>> it makes sense to be sure there are likely to be other permissions before
>> committing to something likely to be a lot more complex than just adding an
>> attribute to a user.
>>
>
> I understand, but there have been many user requests for custom roles. I
> agree that adding a complex thing like RBAC just for one single permission
> is an overkill. But based on my past experience - users will come up with
> more permissions once they see that they can tweak the permissions now.
> What do you suggest we can do?
>
I do agree, there is the possibility for additional roles to come up,
however, I'm struggling to think what makes sense right now. RBAC access to
tools like psql or the Query Tool don't make much sense - if you can login
to the database server, then there's nothing to stop you just running psql
anyway and bypassing any RBAC we might implement. I suppose there might be
an argument that pgAdmin is being used as a "gateway" to a server on an
otherwise inaccessible network, but then I worry that that opens a whole
other can of worms around locking down ways for users to execute queries
through pgAdmin that we might never have previously considered to be a
problem.
You say there have been many user requests for custom roles. What roles
were they asking for?
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-13 13:18 ` Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-13 13:18 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>
>
> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
> [email protected]> wrote:
>
>> Hi Dave,
>>
>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>
>>>
>>>
>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>> Hi Dave,
>>>>
>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>>>
>>>>> Hi
>>>>>
>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Hackers,
>>>>>>
>>>>>> I have started looking into a feature where users have requested for
>>>>>> custom roles. The roles can then be assigned permissions. Here's what I
>>>>>> think how it can be done:
>>>>>>
>>>>>> 1. Create a framework for roles based access control.
>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>> 3. User management dialog can be converted to a tab to get extra
>>>>>> space for other stuff.
>>>>>> 4. pgAdmin can have some predefined permissions. The permissions
>>>>>> can then be used to validate at the API levels and UI.
>>>>>> 5. New permissions cannot be added from UI as it will require
>>>>>> code changes. They can be added based on user requests.
>>>>>> 6. Admin can allow these permissions to the roles and roles can
>>>>>> be assigned to users.
>>>>>> 7. Permissions will be used to
>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>
>>>>>> Let me know your thoughts on this. If everything looks good then I
>>>>>> will proceed.
>>>>>>
>>>>>
>>>>> What permissions would we support initially?
>>>>>
>>>>
>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
>>>> start with not allowing users to register a server. We'll start 1 or 2 may
>>>> be, the intention is to create a framework which will allow us to keep
>>>> adding permissions on future requests.
>>>>
>>>
>>> The reason I ask is that there's no point in creating a framework if we
>>> just end up with a single permission for adding/removing servers. I think
>>> it makes sense to be sure there are likely to be other permissions before
>>> committing to something likely to be a lot more complex than just adding an
>>> attribute to a user.
>>>
>>
>> I understand, but there have been many user requests for custom roles. I
>> agree that adding a complex thing like RBAC just for one single permission
>> is an overkill. But based on my past experience - users will come up with
>> more permissions once they see that they can tweak the permissions now.
>> What do you suggest we can do?
>>
>
> I do agree, there is the possibility for additional roles to come up,
> however, I'm struggling to think what makes sense right now. RBAC access to
> tools like psql or the Query Tool don't make much sense - if you can login
> to the database server, then there's nothing to stop you just running psql
> anyway and bypassing any RBAC we might implement. I suppose there might be
> an argument that pgAdmin is being used as a "gateway" to a server on an
> otherwise inaccessible network, but then I worry that that opens a whole
> other can of worms around locking down ways for users to execute queries
> through pgAdmin that we might never have previously considered to be a
> problem.
>
> You say there have been many user requests for custom roles. What roles
> were they asking for?
>
Roles similar to what Grafana provides
https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
but majorly restrictions around server nodes.
> --
> Dave Page
> pgAdmin: https://www.pgadmin.org
> PostgreSQL: https://www.postgresql.org
> pgEdge: https://www.pgedge.com
>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-13 13:55 ` Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-13 13:55 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
[email protected]> wrote:
>
>
> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>
>>
>>
>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>> Hi Dave,
>>>
>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Dave,
>>>>>
>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>>>>
>>>>>> Hi
>>>>>>
>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi Hackers,
>>>>>>>
>>>>>>> I have started looking into a feature where users have requested for
>>>>>>> custom roles. The roles can then be assigned permissions. Here's what I
>>>>>>> think how it can be done:
>>>>>>>
>>>>>>> 1. Create a framework for roles based access control.
>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>> 3. User management dialog can be converted to a tab to get extra
>>>>>>> space for other stuff.
>>>>>>> 4. pgAdmin can have some predefined permissions. The permissions
>>>>>>> can then be used to validate at the API levels and UI.
>>>>>>> 5. New permissions cannot be added from UI as it will require
>>>>>>> code changes. They can be added based on user requests.
>>>>>>> 6. Admin can allow these permissions to the roles and roles can
>>>>>>> be assigned to users.
>>>>>>> 7. Permissions will be used to
>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>
>>>>>>> Let me know your thoughts on this. If everything looks good then I
>>>>>>> will proceed.
>>>>>>>
>>>>>>
>>>>>> What permissions would we support initially?
>>>>>>
>>>>>
>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
>>>>> start with not allowing users to register a server. We'll start 1 or 2 may
>>>>> be, the intention is to create a framework which will allow us to keep
>>>>> adding permissions on future requests.
>>>>>
>>>>
>>>> The reason I ask is that there's no point in creating a framework if we
>>>> just end up with a single permission for adding/removing servers. I think
>>>> it makes sense to be sure there are likely to be other permissions before
>>>> committing to something likely to be a lot more complex than just adding an
>>>> attribute to a user.
>>>>
>>>
>>> I understand, but there have been many user requests for custom roles. I
>>> agree that adding a complex thing like RBAC just for one single permission
>>> is an overkill. But based on my past experience - users will come up with
>>> more permissions once they see that they can tweak the permissions now.
>>> What do you suggest we can do?
>>>
>>
>> I do agree, there is the possibility for additional roles to come up,
>> however, I'm struggling to think what makes sense right now. RBAC access to
>> tools like psql or the Query Tool don't make much sense - if you can login
>> to the database server, then there's nothing to stop you just running psql
>> anyway and bypassing any RBAC we might implement. I suppose there might be
>> an argument that pgAdmin is being used as a "gateway" to a server on an
>> otherwise inaccessible network, but then I worry that that opens a whole
>> other can of worms around locking down ways for users to execute queries
>> through pgAdmin that we might never have previously considered to be a
>> problem.
>>
>> You say there have been many user requests for custom roles. What roles
>> were they asking for?
>>
> Roles similar to what Grafana provides
> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
> but majorly restrictions around server nodes.
>
Many of those aren't relevant to pgAdmin, but one that did stand out is the
ability to create/delete folders. That might well be useful to control.
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-13 15:17 ` Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-13 15:17 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>
>
> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
> [email protected]> wrote:
>
>>
>>
>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>
>>>
>>>
>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>> Hi Dave,
>>>>
>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Dave,
>>>>>>
>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>>>>>
>>>>>>> Hi
>>>>>>>
>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi Hackers,
>>>>>>>>
>>>>>>>> I have started looking into a feature where users have requested
>>>>>>>> for custom roles. The roles can then be assigned permissions. Here's what I
>>>>>>>> think how it can be done:
>>>>>>>>
>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>> extra space for other stuff.
>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>> 5. New permissions cannot be added from UI as it will require
>>>>>>>> code changes. They can be added based on user requests.
>>>>>>>> 6. Admin can allow these permissions to the roles and roles can
>>>>>>>> be assigned to users.
>>>>>>>> 7. Permissions will be used to
>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>
>>>>>>>> Let me know your thoughts on this. If everything looks good then I
>>>>>>>> will proceed.
>>>>>>>>
>>>>>>>
>>>>>>> What permissions would we support initially?
>>>>>>>
>>>>>>
>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we can
>>>>>> start with not allowing users to register a server. We'll start 1 or 2 may
>>>>>> be, the intention is to create a framework which will allow us to keep
>>>>>> adding permissions on future requests.
>>>>>>
>>>>>
>>>>> The reason I ask is that there's no point in creating a framework if
>>>>> we just end up with a single permission for adding/removing servers. I
>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>> before committing to something likely to be a lot more complex than just
>>>>> adding an attribute to a user.
>>>>>
>>>>
>>>> I understand, but there have been many user requests for custom roles.
>>>> I agree that adding a complex thing like RBAC just for one single
>>>> permission is an overkill. But based on my past experience - users will
>>>> come up with more permissions once they see that they can tweak the
>>>> permissions now.
>>>> What do you suggest we can do?
>>>>
>>>
>>> I do agree, there is the possibility for additional roles to come up,
>>> however, I'm struggling to think what makes sense right now. RBAC access to
>>> tools like psql or the Query Tool don't make much sense - if you can login
>>> to the database server, then there's nothing to stop you just running psql
>>> anyway and bypassing any RBAC we might implement. I suppose there might be
>>> an argument that pgAdmin is being used as a "gateway" to a server on an
>>> otherwise inaccessible network, but then I worry that that opens a whole
>>> other can of worms around locking down ways for users to execute queries
>>> through pgAdmin that we might never have previously considered to be a
>>> problem.
>>>
>>> You say there have been many user requests for custom roles. What roles
>>> were they asking for?
>>>
>> Roles similar to what Grafana provides
>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>> but majorly restrictions around server nodes.
>>
>
> Many of those aren't relevant to pgAdmin, but one that did stand out is
> the ability to create/delete folders. That might well be useful to control.
>
So we have 2-3 now. Let me dig in all the modules if I can find more useful
permissions.
>
> --
> Dave Page
> pgAdmin: https://www.pgadmin.org
> PostgreSQL: https://www.postgresql.org
> pgEdge: https://www.pgedge.com
>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-17 09:10 ` Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-17 09:10 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
Hi Dave,
Essentially, the permissions can be based on the menus:
Object Explorer
1. Manage Server Create/Edit/Remove.
2. Create database object (user could still be able to create using
query tool)
Tools
1. Tool access like query tool, backup, etc.
Storage Manager:
1. Create/Edit/Delete file.
2. Create/Edit/Delete folders.
On Thu, Mar 13, 2025 at 8:47 PM Aditya Toshniwal <
[email protected]> wrote:
>
>
> On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>
>>
>>
>> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>>
>>>
>>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Dave,
>>>>>
>>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi Dave,
>>>>>>>
>>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]> wrote:
>>>>>>>
>>>>>>>> Hi
>>>>>>>>
>>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi Hackers,
>>>>>>>>>
>>>>>>>>> I have started looking into a feature where users have requested
>>>>>>>>> for custom roles. The roles can then be assigned permissions. Here's what I
>>>>>>>>> think how it can be done:
>>>>>>>>>
>>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>>> extra space for other stuff.
>>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>>> 5. New permissions cannot be added from UI as it will require
>>>>>>>>> code changes. They can be added based on user requests.
>>>>>>>>> 6. Admin can allow these permissions to the roles and roles
>>>>>>>>> can be assigned to users.
>>>>>>>>> 7. Permissions will be used to
>>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>>
>>>>>>>>> Let me know your thoughts on this. If everything looks good then I
>>>>>>>>> will proceed.
>>>>>>>>>
>>>>>>>>
>>>>>>>> What permissions would we support initially?
>>>>>>>>
>>>>>>>
>>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we
>>>>>>> can start with not allowing users to register a server. We'll start 1 or 2
>>>>>>> may be, the intention is to create a framework which will allow us to keep
>>>>>>> adding permissions on future requests.
>>>>>>>
>>>>>>
>>>>>> The reason I ask is that there's no point in creating a framework if
>>>>>> we just end up with a single permission for adding/removing servers. I
>>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>>> before committing to something likely to be a lot more complex than just
>>>>>> adding an attribute to a user.
>>>>>>
>>>>>
>>>>> I understand, but there have been many user requests for custom roles.
>>>>> I agree that adding a complex thing like RBAC just for one single
>>>>> permission is an overkill. But based on my past experience - users will
>>>>> come up with more permissions once they see that they can tweak the
>>>>> permissions now.
>>>>> What do you suggest we can do?
>>>>>
>>>>
>>>> I do agree, there is the possibility for additional roles to come up,
>>>> however, I'm struggling to think what makes sense right now. RBAC access to
>>>> tools like psql or the Query Tool don't make much sense - if you can login
>>>> to the database server, then there's nothing to stop you just running psql
>>>> anyway and bypassing any RBAC we might implement. I suppose there might be
>>>> an argument that pgAdmin is being used as a "gateway" to a server on an
>>>> otherwise inaccessible network, but then I worry that that opens a whole
>>>> other can of worms around locking down ways for users to execute queries
>>>> through pgAdmin that we might never have previously considered to be a
>>>> problem.
>>>>
>>>> You say there have been many user requests for custom roles. What roles
>>>> were they asking for?
>>>>
>>> Roles similar to what Grafana provides
>>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>>> but majorly restrictions around server nodes.
>>>
>>
>> Many of those aren't relevant to pgAdmin, but one that did stand out is
>> the ability to create/delete folders. That might well be useful to control.
>>
>
> So we have 2-3 now. Let me dig in all the modules if I can find more
> useful permissions.
>
>>
>> --
>> Dave Page
>> pgAdmin: https://www.pgadmin.org
>> PostgreSQL: https://www.postgresql.org
>> pgEdge: https://www.pgedge.com
>>
>>
>
> --
> Thanks,
> Aditya Toshniwal
> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
> <https://www.enterprisedb.com/;
> "Don't Complain about Heat, Plant a TREE"
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-17 09:30 ` Dave Page <[email protected]>
2025-03-17 09:38 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-17 09:30 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
Hi
On Mon, 17 Mar 2025 at 09:11, Aditya Toshniwal <
[email protected]> wrote:
> Hi Dave,
>
> Essentially, the permissions can be based on the menus:
>
> Object Explorer
>
> 1. Manage Server Create/Edit/Remove.
> 2. Create database object (user could still be able to create using
> query tool)
>
> Definitely not the second one. We shouldn't do anything that is enforced
in the database server - it's unlikely the two permissions systems will
remain in sync for more than a few minutes, and we shouldn't be duplicating
server functionality anyway.
> Tools
>
> 1. Tool access like query tool, backup, etc.
>
> Storage Manager:
>
> 1. Create/Edit/Delete file.
> 2. Create/Edit/Delete folders.
>
>
> On Thu, Mar 13, 2025 at 8:47 PM Aditya Toshniwal <
> [email protected]> wrote:
>
>>
>>
>> On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>>
>>>
>>>
>>> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>>>> [email protected]> wrote:
>>>>>
>>>>>> Hi Dave,
>>>>>>
>>>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi Dave,
>>>>>>>>
>>>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hi
>>>>>>>>>
>>>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>>>> [email protected]> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Hackers,
>>>>>>>>>>
>>>>>>>>>> I have started looking into a feature where users have requested
>>>>>>>>>> for custom roles. The roles can then be assigned permissions. Here's what I
>>>>>>>>>> think how it can be done:
>>>>>>>>>>
>>>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>>>> extra space for other stuff.
>>>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>>>> 5. New permissions cannot be added from UI as it will require
>>>>>>>>>> code changes. They can be added based on user requests.
>>>>>>>>>> 6. Admin can allow these permissions to the roles and roles
>>>>>>>>>> can be assigned to users.
>>>>>>>>>> 7. Permissions will be used to
>>>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>>>
>>>>>>>>>> Let me know your thoughts on this. If everything looks good then
>>>>>>>>>> I will proceed.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> What permissions would we support initially?
>>>>>>>>>
>>>>>>>>
>>>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we
>>>>>>>> can start with not allowing users to register a server. We'll start 1 or 2
>>>>>>>> may be, the intention is to create a framework which will allow us to keep
>>>>>>>> adding permissions on future requests.
>>>>>>>>
>>>>>>>
>>>>>>> The reason I ask is that there's no point in creating a framework if
>>>>>>> we just end up with a single permission for adding/removing servers. I
>>>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>>>> before committing to something likely to be a lot more complex than just
>>>>>>> adding an attribute to a user.
>>>>>>>
>>>>>>
>>>>>> I understand, but there have been many user requests for custom
>>>>>> roles. I agree that adding a complex thing like RBAC just for one single
>>>>>> permission is an overkill. But based on my past experience - users will
>>>>>> come up with more permissions once they see that they can tweak the
>>>>>> permissions now.
>>>>>> What do you suggest we can do?
>>>>>>
>>>>>
>>>>> I do agree, there is the possibility for additional roles to come up,
>>>>> however, I'm struggling to think what makes sense right now. RBAC access to
>>>>> tools like psql or the Query Tool don't make much sense - if you can login
>>>>> to the database server, then there's nothing to stop you just running psql
>>>>> anyway and bypassing any RBAC we might implement. I suppose there might be
>>>>> an argument that pgAdmin is being used as a "gateway" to a server on an
>>>>> otherwise inaccessible network, but then I worry that that opens a whole
>>>>> other can of worms around locking down ways for users to execute queries
>>>>> through pgAdmin that we might never have previously considered to be a
>>>>> problem.
>>>>>
>>>>> You say there have been many user requests for custom roles. What
>>>>> roles were they asking for?
>>>>>
>>>> Roles similar to what Grafana provides
>>>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>>>> but majorly restrictions around server nodes.
>>>>
>>>
>>> Many of those aren't relevant to pgAdmin, but one that did stand out is
>>> the ability to create/delete folders. That might well be useful to control.
>>>
>>
>> So we have 2-3 now. Let me dig in all the modules if I can find more
>> useful permissions.
>>
>>>
>>> --
>>> Dave Page
>>> pgAdmin: https://www.pgadmin.org
>>> PostgreSQL: https://www.postgresql.org
>>> pgEdge: https://www.pgedge.com
>>>
>>>
>>
>> --
>> Thanks,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>> <https://www.enterprisedb.com/;
>> "Don't Complain about Heat, Plant a TREE"
>>
>
>
> --
> Thanks,
> Aditya Toshniwal
> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
> <https://www.enterprisedb.com/;
> "Don't Complain about Heat, Plant a TREE"
>
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-17 09:38 ` Aditya Toshniwal <[email protected]>
2025-03-17 10:09 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-17 09:38 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
Hi Dave,
On Mon, Mar 17, 2025 at 3:00 PM Dave Page <[email protected]> wrote:
> Hi
>
> On Mon, 17 Mar 2025 at 09:11, Aditya Toshniwal <
> [email protected]> wrote:
>
>> Hi Dave,
>>
>> Essentially, the permissions can be based on the menus:
>>
>> Object Explorer
>>
>> 1. Manage Server Create/Edit/Remove.
>> 2. Create database object (user could still be able to create using
>> query tool)
>>
>> Definitely not the second one. We shouldn't do anything that is enforced
> in the database server - it's unlikely the two permissions systems will
> remain in sync for more than a few minutes, and we shouldn't be duplicating
> server functionality anyway.
>
Yeah. So should I proceed with the implementation?
>
>
>> Tools
>>
>> 1. Tool access like query tool, backup, etc.
>>
>> Storage Manager:
>>
>> 1. Create/Edit/Delete file.
>> 2. Create/Edit/Delete folders.
>>
>>
>> On Thu, Mar 13, 2025 at 8:47 PM Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>>
>>>
>>> On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>> Hi Dave,
>>>>>>>
>>>>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi Dave,
>>>>>>>>>
>>>>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Hi
>>>>>>>>>>
>>>>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>>>>> [email protected]> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi Hackers,
>>>>>>>>>>>
>>>>>>>>>>> I have started looking into a feature where users have requested
>>>>>>>>>>> for custom roles. The roles can then be assigned permissions. Here's what I
>>>>>>>>>>> think how it can be done:
>>>>>>>>>>>
>>>>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>>>>> extra space for other stuff.
>>>>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>>>>> 5. New permissions cannot be added from UI as it will
>>>>>>>>>>> require code changes. They can be added based on user requests.
>>>>>>>>>>> 6. Admin can allow these permissions to the roles and roles
>>>>>>>>>>> can be assigned to users.
>>>>>>>>>>> 7. Permissions will be used to
>>>>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>>>>
>>>>>>>>>>> Let me know your thoughts on this. If everything looks good then
>>>>>>>>>>> I will proceed.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> What permissions would we support initially?
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we
>>>>>>>>> can start with not allowing users to register a server. We'll start 1 or 2
>>>>>>>>> may be, the intention is to create a framework which will allow us to keep
>>>>>>>>> adding permissions on future requests.
>>>>>>>>>
>>>>>>>>
>>>>>>>> The reason I ask is that there's no point in creating a framework
>>>>>>>> if we just end up with a single permission for adding/removing servers. I
>>>>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>>>>> before committing to something likely to be a lot more complex than just
>>>>>>>> adding an attribute to a user.
>>>>>>>>
>>>>>>>
>>>>>>> I understand, but there have been many user requests for custom
>>>>>>> roles. I agree that adding a complex thing like RBAC just for one single
>>>>>>> permission is an overkill. But based on my past experience - users will
>>>>>>> come up with more permissions once they see that they can tweak the
>>>>>>> permissions now.
>>>>>>> What do you suggest we can do?
>>>>>>>
>>>>>>
>>>>>> I do agree, there is the possibility for additional roles to come up,
>>>>>> however, I'm struggling to think what makes sense right now. RBAC access to
>>>>>> tools like psql or the Query Tool don't make much sense - if you can login
>>>>>> to the database server, then there's nothing to stop you just running psql
>>>>>> anyway and bypassing any RBAC we might implement. I suppose there might be
>>>>>> an argument that pgAdmin is being used as a "gateway" to a server on an
>>>>>> otherwise inaccessible network, but then I worry that that opens a whole
>>>>>> other can of worms around locking down ways for users to execute queries
>>>>>> through pgAdmin that we might never have previously considered to be a
>>>>>> problem.
>>>>>>
>>>>>> You say there have been many user requests for custom roles. What
>>>>>> roles were they asking for?
>>>>>>
>>>>> Roles similar to what Grafana provides
>>>>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>>>>> but majorly restrictions around server nodes.
>>>>>
>>>>
>>>> Many of those aren't relevant to pgAdmin, but one that did stand out is
>>>> the ability to create/delete folders. That might well be useful to control.
>>>>
>>>
>>> So we have 2-3 now. Let me dig in all the modules if I can find more
>>> useful permissions.
>>>
>>>>
>>>> --
>>>> Dave Page
>>>> pgAdmin: https://www.pgadmin.org
>>>> PostgreSQL: https://www.postgresql.org
>>>> pgEdge: https://www.pgedge.com
>>>>
>>>>
>>>
>>> --
>>> Thanks,
>>> Aditya Toshniwal
>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>> <https://www.enterprisedb.com/;
>>> "Don't Complain about Heat, Plant a TREE"
>>>
>>
>>
>> --
>> Thanks,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>> <https://www.enterprisedb.com/;
>> "Don't Complain about Heat, Plant a TREE"
>>
>
>
> --
> Dave Page
> pgAdmin: https://www.pgadmin.org
> PostgreSQL: https://www.postgresql.org
> pgEdge: https://www.pgedge.com
>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-17 09:38 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-17 10:09 ` Dave Page <[email protected]>
2025-03-17 10:11 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Dave Page @ 2025-03-17 10:09 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
Hi
On Mon, 17 Mar 2025 at 09:39, Aditya Toshniwal <
[email protected]> wrote:
> Hi Dave,
>
> On Mon, Mar 17, 2025 at 3:00 PM Dave Page <[email protected]> wrote:
>
>> Hi
>>
>> On Mon, 17 Mar 2025 at 09:11, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>> Hi Dave,
>>>
>>> Essentially, the permissions can be based on the menus:
>>>
>>> Object Explorer
>>>
>>> 1. Manage Server Create/Edit/Remove.
>>> 2. Create database object (user could still be able to create using
>>> query tool)
>>>
>>> Definitely not the second one. We shouldn't do anything that is enforced
>> in the database server - it's unlikely the two permissions systems will
>> remain in sync for more than a few minutes, and we shouldn't be duplicating
>> server functionality anyway.
>>
> Yeah. So should I proceed with the implementation?
>
If that’s what Akshay wants you working on, then sure :-)
>>
>>> Tools
>>>
>>> 1. Tool access like query tool, backup, etc.
>>>
>>> Storage Manager:
>>>
>>> 1. Create/Edit/Delete file.
>>> 2. Create/Edit/Delete folders.
>>>
>>>
>>> On Thu, Mar 13, 2025 at 8:47 PM Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>>
>>>>
>>>> On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
>>>>> [email protected]> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>>>>>> [email protected]> wrote:
>>>>>>>
>>>>>>>> Hi Dave,
>>>>>>>>
>>>>>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>>>>>> [email protected]> wrote:
>>>>>>>>>
>>>>>>>>>> Hi Dave,
>>>>>>>>>>
>>>>>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi
>>>>>>>>>>>
>>>>>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>>>>>> [email protected]> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi Hackers,
>>>>>>>>>>>>
>>>>>>>>>>>> I have started looking into a feature where users have
>>>>>>>>>>>> requested for custom roles. The roles can then be assigned permissions.
>>>>>>>>>>>> Here's what I think how it can be done:
>>>>>>>>>>>>
>>>>>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>>>>>> extra space for other stuff.
>>>>>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>>>>>> 5. New permissions cannot be added from UI as it will
>>>>>>>>>>>> require code changes. They can be added based on user requests.
>>>>>>>>>>>> 6. Admin can allow these permissions to the roles and roles
>>>>>>>>>>>> can be assigned to users.
>>>>>>>>>>>> 7. Permissions will be used to
>>>>>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>>>>>
>>>>>>>>>>>> Let me know your thoughts on this. If everything looks good
>>>>>>>>>>>> then I will proceed.
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> What permissions would we support initially?
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310, we
>>>>>>>>>> can start with not allowing users to register a server. We'll start 1 or 2
>>>>>>>>>> may be, the intention is to create a framework which will allow us to keep
>>>>>>>>>> adding permissions on future requests.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> The reason I ask is that there's no point in creating a framework
>>>>>>>>> if we just end up with a single permission for adding/removing servers. I
>>>>>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>>>>>> before committing to something likely to be a lot more complex than just
>>>>>>>>> adding an attribute to a user.
>>>>>>>>>
>>>>>>>>
>>>>>>>> I understand, but there have been many user requests for custom
>>>>>>>> roles. I agree that adding a complex thing like RBAC just for one single
>>>>>>>> permission is an overkill. But based on my past experience - users will
>>>>>>>> come up with more permissions once they see that they can tweak the
>>>>>>>> permissions now.
>>>>>>>> What do you suggest we can do?
>>>>>>>>
>>>>>>>
>>>>>>> I do agree, there is the possibility for additional roles to come
>>>>>>> up, however, I'm struggling to think what makes sense right now. RBAC
>>>>>>> access to tools like psql or the Query Tool don't make much sense - if you
>>>>>>> can login to the database server, then there's nothing to stop you just
>>>>>>> running psql anyway and bypassing any RBAC we might implement. I suppose
>>>>>>> there might be an argument that pgAdmin is being used as a "gateway" to a
>>>>>>> server on an otherwise inaccessible network, but then I worry that that
>>>>>>> opens a whole other can of worms around locking down ways for users to
>>>>>>> execute queries through pgAdmin that we might never have previously
>>>>>>> considered to be a problem.
>>>>>>>
>>>>>>> You say there have been many user requests for custom roles. What
>>>>>>> roles were they asking for?
>>>>>>>
>>>>>> Roles similar to what Grafana provides
>>>>>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>>>>>> but majorly restrictions around server nodes.
>>>>>>
>>>>>
>>>>> Many of those aren't relevant to pgAdmin, but one that did stand out
>>>>> is the ability to create/delete folders. That might well be useful to
>>>>> control.
>>>>>
>>>>
>>>> So we have 2-3 now. Let me dig in all the modules if I can find more
>>>> useful permissions.
>>>>
>>>>>
>>>>> --
>>>>> Dave Page
>>>>> pgAdmin: https://www.pgadmin.org
>>>>> PostgreSQL: https://www.postgresql.org
>>>>> pgEdge: https://www.pgedge.com
>>>>>
>>>>>
>>>>
>>>> --
>>>> Thanks,
>>>> Aditya Toshniwal
>>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>>> <https://www.enterprisedb.com/;
>>>> "Don't Complain about Heat, Plant a TREE"
>>>>
>>>
>>>
>>> --
>>> Thanks,
>>> Aditya Toshniwal
>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>> <https://www.enterprisedb.com/;
>>> "Don't Complain about Heat, Plant a TREE"
>>>
>>
>>
>> --
>> Dave Page
>> pgAdmin: https://www.pgadmin.org
>> PostgreSQL: https://www.postgresql.org
>> pgEdge: https://www.pgedge.com
>>
>>
>
> --
> Thanks,
> Aditya Toshniwal
> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
> <https://www.enterprisedb.com/;
> "Don't Complain about Heat, Plant a TREE"
>
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-17 09:38 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 10:09 ` Re: Role based access control discussion Dave Page <[email protected]>
@ 2025-03-17 10:11 ` Aditya Toshniwal <[email protected]>
2025-03-17 10:17 ` Re: Role based access control discussion Dave Page <[email protected]>
0 siblings, 1 reply; 15+ messages in thread
From: Aditya Toshniwal @ 2025-03-17 10:11 UTC (permalink / raw)
To: Dave Page <[email protected]>; +Cc: pgadmin-hackers
On Mon, Mar 17, 2025 at 3:39 PM Dave Page <[email protected]> wrote:
> Hi
>
> On Mon, 17 Mar 2025 at 09:39, Aditya Toshniwal <
> [email protected]> wrote:
>
>> Hi Dave,
>>
>> On Mon, Mar 17, 2025 at 3:00 PM Dave Page <[email protected]> wrote:
>>
>>> Hi
>>>
>>> On Mon, 17 Mar 2025 at 09:11, Aditya Toshniwal <
>>> [email protected]> wrote:
>>>
>>>> Hi Dave,
>>>>
>>>> Essentially, the permissions can be based on the menus:
>>>>
>>>> Object Explorer
>>>>
>>>> 1. Manage Server Create/Edit/Remove.
>>>> 2. Create database object (user could still be able to create using
>>>> query tool)
>>>>
>>>> Definitely not the second one. We shouldn't do anything that is
>>> enforced in the database server - it's unlikely the two permissions systems
>>> will remain in sync for more than a few minutes, and we shouldn't be
>>> duplicating server functionality anyway.
>>>
>> Yeah. So should I proceed with the implementation?
>>
>
>
> If that’s what Akshay wants you working on, then sure :-)
>
I was waiting for confirmation if the pgAdmin team would accept it or not :)
>
>
>>>
>>>> Tools
>>>>
>>>> 1. Tool access like query tool, backup, etc.
>>>>
>>>> Storage Manager:
>>>>
>>>> 1. Create/Edit/Delete file.
>>>> 2. Create/Edit/Delete folders.
>>>>
>>>>
>>>> On Thu, Mar 13, 2025 at 8:47 PM Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>>
>>>>>
>>>>> On Thu, Mar 13, 2025 at 7:25 PM Dave Page <[email protected]> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On Thu, 13 Mar 2025 at 13:19, Aditya Toshniwal <
>>>>>> [email protected]> wrote:
>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Thu, Mar 13, 2025 at 4:54 PM Dave Page <[email protected]> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Thu, 13 Mar 2025 at 11:07, Aditya Toshniwal <
>>>>>>>> [email protected]> wrote:
>>>>>>>>
>>>>>>>>> Hi Dave,
>>>>>>>>>
>>>>>>>>> On Thu, Mar 13, 2025 at 4:27 PM Dave Page <[email protected]>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Thu, 13 Mar 2025 at 10:26, Aditya Toshniwal <
>>>>>>>>>> [email protected]> wrote:
>>>>>>>>>>
>>>>>>>>>>> Hi Dave,
>>>>>>>>>>>
>>>>>>>>>>> On Thu, Mar 13, 2025 at 3:36 PM Dave Page <[email protected]>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>> Hi
>>>>>>>>>>>>
>>>>>>>>>>>> On Thu, 13 Mar 2025 at 06:16, Aditya Toshniwal <
>>>>>>>>>>>> [email protected]> wrote:
>>>>>>>>>>>>
>>>>>>>>>>>>> Hi Hackers,
>>>>>>>>>>>>>
>>>>>>>>>>>>> I have started looking into a feature where users have
>>>>>>>>>>>>> requested for custom roles. The roles can then be assigned permissions.
>>>>>>>>>>>>> Here's what I think how it can be done:
>>>>>>>>>>>>>
>>>>>>>>>>>>> 1. Create a framework for roles based access control.
>>>>>>>>>>>>> 2. Allow adding/editing/deleting roles from UI.
>>>>>>>>>>>>> 3. User management dialog can be converted to a tab to get
>>>>>>>>>>>>> extra space for other stuff.
>>>>>>>>>>>>> 4. pgAdmin can have some predefined permissions. The
>>>>>>>>>>>>> permissions can then be used to validate at the API levels and UI.
>>>>>>>>>>>>> 5. New permissions cannot be added from UI as it will
>>>>>>>>>>>>> require code changes. They can be added based on user requests.
>>>>>>>>>>>>> 6. Admin can allow these permissions to the roles and
>>>>>>>>>>>>> roles can be assigned to users.
>>>>>>>>>>>>> 7. Permissions will be used to
>>>>>>>>>>>>> 8. Admin role remains static with no changes allowed.
>>>>>>>>>>>>>
>>>>>>>>>>>>> Let me know your thoughts on this. If everything looks good
>>>>>>>>>>>>> then I will proceed.
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> What permissions would we support initially?
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Based on https://github.com/pgadmin-org/pgadmin4/issues/7310,
>>>>>>>>>>> we can start with not allowing users to register a server. We'll start 1 or
>>>>>>>>>>> 2 may be, the intention is to create a framework which will allow us to
>>>>>>>>>>> keep adding permissions on future requests.
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> The reason I ask is that there's no point in creating a framework
>>>>>>>>>> if we just end up with a single permission for adding/removing servers. I
>>>>>>>>>> think it makes sense to be sure there are likely to be other permissions
>>>>>>>>>> before committing to something likely to be a lot more complex than just
>>>>>>>>>> adding an attribute to a user.
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I understand, but there have been many user requests for custom
>>>>>>>>> roles. I agree that adding a complex thing like RBAC just for one single
>>>>>>>>> permission is an overkill. But based on my past experience - users will
>>>>>>>>> come up with more permissions once they see that they can tweak the
>>>>>>>>> permissions now.
>>>>>>>>> What do you suggest we can do?
>>>>>>>>>
>>>>>>>>
>>>>>>>> I do agree, there is the possibility for additional roles to come
>>>>>>>> up, however, I'm struggling to think what makes sense right now. RBAC
>>>>>>>> access to tools like psql or the Query Tool don't make much sense - if you
>>>>>>>> can login to the database server, then there's nothing to stop you just
>>>>>>>> running psql anyway and bypassing any RBAC we might implement. I suppose
>>>>>>>> there might be an argument that pgAdmin is being used as a "gateway" to a
>>>>>>>> server on an otherwise inaccessible network, but then I worry that that
>>>>>>>> opens a whole other can of worms around locking down ways for users to
>>>>>>>> execute queries through pgAdmin that we might never have previously
>>>>>>>> considered to be a problem.
>>>>>>>>
>>>>>>>> You say there have been many user requests for custom roles. What
>>>>>>>> roles were they asking for?
>>>>>>>>
>>>>>>> Roles similar to what Grafana provides
>>>>>>> https://grafana.com/docs/grafana/latest/administration/roles-and-permissions/,
>>>>>>> but majorly restrictions around server nodes.
>>>>>>>
>>>>>>
>>>>>> Many of those aren't relevant to pgAdmin, but one that did stand out
>>>>>> is the ability to create/delete folders. That might well be useful to
>>>>>> control.
>>>>>>
>>>>>
>>>>> So we have 2-3 now. Let me dig in all the modules if I can find more
>>>>> useful permissions.
>>>>>
>>>>>>
>>>>>> --
>>>>>> Dave Page
>>>>>> pgAdmin: https://www.pgadmin.org
>>>>>> PostgreSQL: https://www.postgresql.org
>>>>>> pgEdge: https://www.pgedge.com
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Thanks,
>>>>> Aditya Toshniwal
>>>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>>>> <https://www.enterprisedb.com/;
>>>>> "Don't Complain about Heat, Plant a TREE"
>>>>>
>>>>
>>>>
>>>> --
>>>> Thanks,
>>>> Aditya Toshniwal
>>>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>>>> <https://www.enterprisedb.com/;
>>>> "Don't Complain about Heat, Plant a TREE"
>>>>
>>>
>>>
>>> --
>>> Dave Page
>>> pgAdmin: https://www.pgadmin.org
>>> PostgreSQL: https://www.postgresql.org
>>> pgEdge: https://www.pgedge.com
>>>
>>>
>>
>> --
>> Thanks,
>> Aditya Toshniwal
>> pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
>> <https://www.enterprisedb.com/;
>> "Don't Complain about Heat, Plant a TREE"
>>
>
--
Thanks,
Aditya Toshniwal
pgAdmin Hacker | Sr. Staff SDE II | *enterprisedb.com*
<https://www.enterprisedb.com/;
"Don't Complain about Heat, Plant a TREE"
^ permalink raw reply [nested|flat] 15+ messages in thread
* Re: Role based access control discussion
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 10:25 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 11:07 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 13:18 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-13 15:17 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-17 09:38 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-17 10:09 ` Re: Role based access control discussion Dave Page <[email protected]>
2025-03-17 10:11 ` Re: Role based access control discussion Aditya Toshniwal <[email protected]>
@ 2025-03-17 10:17 ` Dave Page <[email protected]>
0 siblings, 0 replies; 15+ messages in thread
From: Dave Page @ 2025-03-17 10:17 UTC (permalink / raw)
To: Aditya Toshniwal <[email protected]>; +Cc: pgadmin-hackers
On Mon, 17 Mar 2025 at 10:11, Aditya Toshniwal <
[email protected]> wrote:
>
>
> On Mon, Mar 17, 2025 at 3:39 PM Dave Page <[email protected]> wrote:
>
>> Hi
>>
>> On Mon, 17 Mar 2025 at 09:39, Aditya Toshniwal <
>> [email protected]> wrote:
>>
>>> Hi Dave,
>>>
>>> On Mon, Mar 17, 2025 at 3:00 PM Dave Page <[email protected]> wrote:
>>>
>>>> Hi
>>>>
>>>> On Mon, 17 Mar 2025 at 09:11, Aditya Toshniwal <
>>>> [email protected]> wrote:
>>>>
>>>>> Hi Dave,
>>>>>
>>>>> Essentially, the permissions can be based on the menus:
>>>>>
>>>>> Object Explorer
>>>>>
>>>>> 1. Manage Server Create/Edit/Remove.
>>>>> 2. Create database object (user could still be able to create
>>>>> using query tool)
>>>>>
>>>>> Definitely not the second one. We shouldn't do anything that is
>>>> enforced in the database server - it's unlikely the two permissions systems
>>>> will remain in sync for more than a few minutes, and we shouldn't be
>>>> duplicating server functionality anyway.
>>>>
>>> Yeah. So should I proceed with the implementation?
>>>
>>
>>
>> If that’s what Akshay wants you working on, then sure :-)
>>
>
> I was waiting for confirmation if the pgAdmin team would accept it or not
> :)
>
My concerns have been answered, so it's good with me.
--
Dave Page
pgAdmin: https://www.pgadmin.org
PostgreSQL: https://www.postgresql.org
pgEdge: https://www.pgedge.com
^ permalink raw reply [nested|flat] 15+ messages in thread
end of thread, other threads:[~2025-03-17 10:17 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz follow: Atom feed)
-- links below jump to the message on this page --
2025-03-13 06:16 Role based access control discussion Aditya Toshniwal <[email protected]>
2025-03-13 10:06 ` Dave Page <[email protected]>
2025-03-13 10:25 ` Aditya Toshniwal <[email protected]>
2025-03-13 10:57 ` Dave Page <[email protected]>
2025-03-13 11:07 ` Aditya Toshniwal <[email protected]>
2025-03-13 11:24 ` Dave Page <[email protected]>
2025-03-13 13:18 ` Aditya Toshniwal <[email protected]>
2025-03-13 13:55 ` Dave Page <[email protected]>
2025-03-13 15:17 ` Aditya Toshniwal <[email protected]>
2025-03-17 09:10 ` Aditya Toshniwal <[email protected]>
2025-03-17 09:30 ` Dave Page <[email protected]>
2025-03-17 09:38 ` Aditya Toshniwal <[email protected]>
2025-03-17 10:09 ` Dave Page <[email protected]>
2025-03-17 10:11 ` Aditya Toshniwal <[email protected]>
2025-03-17 10:17 ` Dave Page <[email protected]>
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox