Page MenuHomePhabricator
Create Task
Maniphest T319535

Add authorization middleware to our main API
Closed, ResolvedPublic13 Estimated Story Points
Actions

Description

We need to add authorization middleware to our main API so that we can be sure that we can manage user permissions for authenticated users and be able to allow access to certain resources.

Acceptance criteria
We can manage access to resources for autneticated users.

To Do

  • add RBAC middleware to httpuitl submodule, we are using Casbin at the moment
  • add model and policy files to the repo
  • add model and policy files to the IaC
  • make sure that application can work with local model and policy as well as be able to take them from the environment varibles

Notes
You can base the solution on how we do things in this package and okapi-public-api, but make sure to add the code to httputil submodule.

Event Timeline

Protsack.stephan created this task.Oct 6 2022, 12:10 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptOct 6 2022, 12:10 PM
Protsack.stephan triaged this task as High priority.Oct 6 2022, 12:18 PM
Protsack.stephan updated the task description. (Show Details)
Protsack.stephan set the point value for this task to 13.Oct 6 2022, 2:54 PM
Protsack.stephan moved this task from To Be Estimated/To Be Discussed to Estimated /Discussed on the Wikimedia Enterprise board.Oct 6 2022, 3:07 PM
Protsack.stephan assigned this task to Alexander.lauie.Oct 18 2022, 12:57 PM
Protsack.stephan moved this task from Estimated /Discussed to In Progress on the Wikimedia Enterprise board.
AnnaMikla changed the task status from Open to In Progress.Oct 26 2022, 11:09 AM
AnnaMikla changed the task status from In Progress to Open.Oct 28 2022, 12:27 PM
AnnaMikla changed the task status from Open to In Progress.
Alexander.lauie moved this task from In Progress to Merge Request on the Wikimedia Enterprise board.Nov 8 2022, 11:53 PM
Alexander.lauie moved this task from Merge Request to In Progress on the Wikimedia Enterprise board.
Protsack.stephan moved this task from In Progress to Merge Request on the Wikimedia Enterprise board.Nov 21 2022, 5:45 PM
Alexander.lauie moved this task from Merge Request to Machine Readability PB on the Wikimedia Enterprise board.Dec 5 2022, 11:48 AM
Protsack.stephan moved this task from Machine Readability PB to Done Sprint 29 (17Nov-30Nov2022) on the Wikimedia Enterprise board.Dec 5 2022, 2:08 PM
Daria_Kevana changed the task status from In Progress to Open.Dec 5 2022, 4:32 PM
JArguello-WMF moved this task from Done Sprint 29 (17Nov-30Nov2022) to Done Sprint 28 (3Nov-16Nov2022) on the Wikimedia Enterprise board.Jul 14 2023, 3:30 PM
JArguello-WMF moved this task from Done Sprint 28 (3Nov-16Nov2022) to Done 31 on the Wikimedia Enterprise board.
JArguello-WMF closed this task as Resolved.Jul 14 2023, 3:35 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits