Feature/permission matrix#9641
Open
Daena-Crosby wants to merge 17 commits intoHumanSignal:developfrom
Open
Conversation
feat: resize left-right sidebar (Task #9)
Daena-Crosby
requested review from
a team,
hlomzik and
nick-skriabin
as code owners
👷 Deploy request for label-studio-docs-new-theme pending review.Visit the deploys page to approve it
|
👷 Deploy request for heartex-docs pending review.Visit the deploys page to approve it
|
✅ Deploy Preview for label-studio-storybook ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
✅ Deploy Preview for label-studio-playground ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Pull Request Description
This PR introduces a canonical permission matrix with role‑based access control and audit logging. It defines two roles—Admin and Annotator—with granular permissions across eight resource types: Users, Projects, Tasks, Annotations, Labels/Taxonomy, Export, API Keys, and Audit Logs.
Key components include:
permissions.json) serving as the single source of truth for all permission decisions.Rollout Strategy
The rollout is staged in three phases. Phase 1, delivered in this PR, establishes the core infrastructure: the matrix, JWT role embedding, guards, and audit logging. Phase 2 will extend RoleBasedPermission to all remaining API routes. Phase 3 will add comprehensive integration tests to ensure 100% coverage of matrix combinations across endpoints.
Testing Status
Unit tests confirm correct matrix loading, role extraction, permission checks, and audit log creation. JWT payloads include roles for both admin and annotator users, and unauthenticated users default to annotator. AuditLog entries are correctly recorded. However, integration tests are missing, and many routes still lack RoleBasedPermission enforcement.
Risks and Notes
The most pressing risk is incomplete route protection: only six views are currently guarded, leaving more than twenty exposed. AuditLog volume may become significant in high‑traffic deployments, requiring monitoring and possible archiving. Role assignment is tied to Django Group membership, which may not scale to multi‑organization setups.
General notes emphasize that
permissions.jsonmust remain the single source of truth, with no hardcoded role checks elsewhere. Default role assignment follows the principle of least privilege, ensuring unassigned users cannot access restricted resources.Reviewer Guidance
Reviewers should verify that
permissions.jsonaccurately reflects the intended permission matrix, confirm AuditLog indexing performance in staging, and ensure that Phase 2 applies RoleBasedPermission to all remaining views. JWT authorization headers should also be validated at the frontend or gateway level.This structure makes the information easier to digest, highlighting the current state, what’s included, what’s missing, and what reviewers should focus on. Would you like me to also condense this into a short executive summary (like a one‑paragraph overview for leadership), or keep it detailed for technical reviewers?