Uploaded image for project: 'Acumos'
  1. Acumos
  2. ACUMOS-3659

Restrict catalogs based on role

    XMLWordPrintable

    Details

    • Epic Name:
      Restrict catalogs based on role
    • Sprint:
      Demeter Bugfix Sprint-4

      Description

      Requirement: 

      • Provide granular access level control on federated catalogs/models, so that the models federated from company1 are not completely open to all employees in company2.
      • Above requirement also aligns with requirement tracked here at item#15 - https://wiki.acumos.org/display/MOB/Demeter+proposal

      Proposed solution/implementation details (please create below dev tasks and assign to appropriate resources):

      1. New Portal screen to allow admin to manage (create, edit, delete) user access roles
      2. Revise Portal catalog management screen to allow admin to view, add, delete access roles for a catalog.
      3. Revise Portal user management screen to allow admin to view, add, delete access roles for a user
      4. CDS provide new endpoints to view, add, delete access roles for a catalog
      5. CDS Query support to 1) retrieve catalogs based on user's role and 2) retrieve models based on accessible catalogs and user's role.
      6. Portal update the "Select Favorite Catalogs" screen by using above CDS role based catalogs query to show the accessible catalogs to logged-in user.
      7. Portal update the "Marketplace" screen to filter the list of models  by using the above CDS role based models query to retrieve models based on accessible catalogs and user's role.
      8. Federation create newly federated catalogs as restricted with no roles assigned

      Use case:

      1. Company2 subscribes to Company 1's "Comp1 catalog" and federation copies over catalog. After the copy, only admin users can see the catalog.
      2. Company2's admin creates role "Comp1 restricted role" in Company2 Portal.
      3. Company2's admin assigns role "comp1 restricted role" to catalog "Comp1 catalog".
      4. Company2's admin assigns User1 to role "comp1 restricted role".
      5. User1 is the only non-admin user who can view the "Comp1 catalog" from Portal's market place.

       

      18 Nov 2019 - Everyone agreed at 3pm meeting to go-ahead with above requirement and also with the solution focused in single system (rather than using multiple Acumos instances).

       

        Attachments

          Issue Links

          # Subject Branch Project Status CR V

            Activity

              People

              Assignee:
              tausifk Tausif Khanooni
              Reporter:
              talasila Manoop Talasila
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Dates

                Created:
                Updated: