Skip to content

adapt replication-backend to give access only to own user's notifications_xxx DB #172

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
1 of 2 tasks
sleidig opened this issue Jan 28, 2025 · 1 comment
Open
1 of 2 tasks
Labels
Status: Complex Issue advanced, particularly challenging topic that requires extensive knowledge of the code base

Comments

@sleidig
Copy link
Member

sleidig commented Jan 28, 2025

  • Check and possible adapt the Permission system in the replication-backend as we introduce additional databases (notifications-<USER_ID>). Do the endpoints still function as expected?
  • Adapt the permission system to grant/deny access to a whole user-specific database:
    • e.g. by default a user should always access the CouchDBs for that account (notifications-<MY_USER_ID>) but never those of other accounts (notifications-<OTHER_USER_ID>).
    • an explicit permission for the NotificationEvent entity type shouldn't be required in Config:Permissions (because the access is handled by splitting it into the user-specific couchdb)
    • How do we encode or hard-code these rules?
    • Implement the additional checks
@sleidig sleidig self-assigned this Jan 28, 2025
@sleidig sleidig added the Status: Complex Issue advanced, particularly challenging topic that requires extensive knowledge of the code base label Feb 7, 2025
@sleidig sleidig removed their assignment Feb 7, 2025
@sleidig sleidig transferred this issue from Aam-Digital/ndb-core Feb 11, 2025
@sleidig
Copy link
Member Author

sleidig commented Feb 12, 2025

The sync with additional CouchDB's (other than "app" also syncing "notifications-xxx") seems to work fine without explicit changes to replication-backend

@sleidig sleidig changed the title adapt replication-backend for handling multiple databases adapt replication-backend to give access only to own user's notifications_xxx DB Mar 14, 2025
@sleidig sleidig moved this from Planned (current "sprint") to Todo (ready for work) in All Tasks & Issues Mar 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Status: Complex Issue advanced, particularly challenging topic that requires extensive knowledge of the code base
Projects
Status: Todo (ready for work)
Development

No branches or pull requests

1 participant