Versions Compared

Version Old Version 16 New Version Current
Changes made by

Alessandro Domanico

Alessandro Domanico

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Page Properties
label

Status

Status
colourYellowGreen
titleIN PROGRESSDONE

Impact

Status
colourYellow
titleMEDIUM
(core+api+ui) or
Status
colourRed
titleHIGH
(core+api+ui+gui)

Driver

Alessandro Domanico 

Approver

Alessandro Domanico

Stakeholders

Antonio Verni Niccolò Pasquetto Riccardo Costa Paurav Munshi Alessandro Falezza Andrei Dodu

Informed

Ilario Gavioli

Due date

Outcome

Option 1: RBAC

...

It would be nice to use the same DB tables, by adding new ones

Options considered

Option 1:

Option 2:

Description

RBAC

ABAC

Pros and cons

(plus) There’s a React guideline

(plus) It is already implemented

(minus) Doesn’t provide fine graned policies as ABAC

(plus) provides fine graned policies for accessing resources (see examples)

(minus) it requires a new complex architecture (see architecture)

Estimated cost

Status
colourGreen
titleLOW

Status
colourYellow
titleMEDIUM

Action items

  •  To define a permissions’ schema pattern
  •  To create a Jira issue with the specifications (
    Jira Legacy
    serverSystem JIRAJira
    serverIdf0d90336-9135-337c-8387-a97c21b1155f
    keyOP-727868
    )

Outcome

Different analysis led to the same conclusion: in order to improve (in the short-term) the actual permissions system in the web application (core+api+ui) with minimum changes it will be enough to develop the proposed solution (Paurav Munshi) which introduces:

...