You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When a group extends another group, members inherit the highest permission level between the groups
Example: If a user has "writer" access in group A and "reader" access in group B, and group B extends group A, the user gets "writer" access in both groups
Problem Statement
There's a need to support permission level capping when extending groups, particularly for cases where organization-wide access should be restricted to specific permission levels (e.g., read-only access to billing documents).
Proposed Solution
Add role mapping capability to group extension with two possible API designs:
billing.extend(organizationGroup,"reader")
After this every member from organizationGroup that has a role that can be inherited (admin, reader, writer) is set to "reader" on billing.
It will be also possible to upgrade the roles from the source group:
billing.extend(organizationGroup, "writer")
With this extension every member from organizationGroup, even readers, will become a writer on billing.
The text was updated successfully, but these errors were encountered:
Current Behavior
Problem Statement
There's a need to support permission level capping when extending groups, particularly for cases where organization-wide access should be restricted to specific permission levels (e.g., read-only access to billing documents).
Proposed Solution
Add role mapping capability to group extension with two possible API designs:
After this every member from organizationGroup that has a role that can be inherited (admin, reader, writer) is set to "reader" on billing.
It will be also possible to upgrade the roles from the source group:
With this extension every member from organizationGroup, even readers, will become a writer on billing.
The text was updated successfully, but these errors were encountered: