Added table for full admin access #165
Conversation
| __table_args__ = {"schema": "global"} | ||
| id = Column(UUID(as_uuid=True), primary_key=True, default=uuid.uuid4) | ||
| email = Column(String, unique=True) | ||
| meta_info = Column(JSON) |
There was a problem hiding this comment.
for now it is not used, but i added it for any additional configuration if we need it in future
There was a problem hiding this comment.
IMO we should be using a different approach here. Instead of the full_admin_access table, we should create a user_role (id, name) table and expand the user model to include user_role_id_fk. Role name should, for now, contain values user and admin (additionally maybe superuser for even more elevated permissions). We could default all existing users to the role user and only set admin or superuser manually (or through admin-dashboard).
This way, we can further expand on permissions in the future by adding a new table user_role_permissions (id, user_role_id_fk, permission_target, permission, permission_target_id NULLABLE) with e.g. record (<uuid>, <uuid>, 'refinery_project', 'read_write', <refinery_project uuid>).
There was a problem hiding this comment.
for now we keep it as currently implemented. We need to rework the role system at some point for the whole application and a partial but more complex solution will only add to the complexity when we have the change to implement. For now a simple lookup in a table is sufficient
Main PR: https://github.com/code-kern-ai/admin-dashboard/pull/75