gitpod icon indicating copy to clipboard operation
gitpod copied to clipboard
verified publisher icon gitpod-io

Epic: Foundations for Fine Grained Authorization

Open easyCZ opened this issue 3 years ago • 1 comments

Summary

This epic captures the work to improve the existing Gitpod Authorization and enable the capability to support fine grained authorization.

Context

Historically, the authorization model of gitpod is modelled around users and their team membership. In order to support Gitpod admins with finer-grained permissions, we also need to improve on our existing system.

Value

The Authorization Model is central to Gitpod operations. Without it, we cannot answer questions such as:

  • Does user X, have the ability to list workspaces of all members in a team?
  • Can user X setup billing for team T?

Tasks

Initial setup

  • [x] #15633
  • [x] #15634
  • [x] #15951
  • [x] #15952
  • [x] #16039

Populating SpiceDB

  • [x] #16102
  • [x] #16103
  • [x] #16239
  • [x] #16240

easyCZ avatar Jan 09 '23 12:01 easyCZ

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

stale[bot] avatar May 22 '23 04:05 stale[bot]