(Engineer) Esha and (QA) Quinton may belong to the same team. When Quinton makes an environment, it should also be available to Esha and vise-versa. If Esha sets up CI to make environments on merge request, those should be available to Quinton.
Toolforge may not have a concept of teams, instead they have maintainers at the tool level. If each environment is a tool, then Catalyst may need to keep track of teams and sync tools/maintainers when new environments or team members are added.
- can we add and remove members from tools through the API
- can we leverage things from LDAP (e.g. groups) to manage team membership and access control
- can non-user account (i.e. clients) be given access to this LDAP
- should dealing with teams be left out of the scope of the prototype?
- what other ways could we hack on access control? (user specifies maintainers at creation time / CI run time?)