Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: set all resource policies' allowed_roles to superadmin and admin. #2033

Draft
wants to merge 2 commits into
base: main
Choose a base branch
from
Draft

chore: set all resource policies' allowed_roles to superadmin and admin. #2033

wants to merge 2 commits into from
+37 −9

Conversation

agatha197
Copy link
Contributor

@agatha197 agatha197 commented Apr 18, 2024
edited
Loading

Modify the allowed_roles to allow creation, reading, update, and deletion of resource policies for both superadmin and admin within their respective domains.

Checklist: (if applicable)

  • Milestone metadata specifying the target backport version
  • Mention to the original issue
  • Installer updates including:
    • Fixtures for db schema changes
    • New mandatory config options
  • Update of end-to-end CLI integration tests in ai.backend.test
  • API server-client counterparts (e.g., manager API -> client SDK)
  • Test case(s) to:
    • Demonstrate the difference of before/after
    • Demonstrate the flow of abstract/conceptual models with a concrete implementation
  • Documentation
    • Contents in the docs directory
    • docstrings in public interfaces and type annotations

@agatha197 agatha197 added type:bug Reports about that are not working comp:manager Related to Manager component effort:easy Need to understand only a specific region of codes (good first issue, easy). impact:invisible This change is invisible to users (internal changes). urgency:1 If no other duties are available, volunteer to help. labels Apr 18, 2024
@agatha197 agatha197 added this to the 24.03 milestone Apr 18, 2024
@agatha197 agatha197 self-assigned this Apr 18, 2024
@github-actions github-actions bot added the size:M 30~100 LoC label Apr 18, 2024
@agatha197 agatha197 changed the title fix: set all resource policies' allowed_roles to superadmin and admin. misc: set all resource policies' allowed_roles to superadmin and admin. Apr 18, 2024
@agatha197 agatha197 changed the title misc: set all resource policies' allowed_roles to superadmin and admin. chore: set all resource policies' allowed_roles to superadmin and admin. Apr 18, 2024
kyujin-cho
kyujin-cho reviewed Apr 29, 2024
View reviewed changes
Copy link
Member

@kyujin-cho kyujin-cho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By allowing these mutations to plain admin will there by any chance of the user crossing its domain boundary and altering settings of projects residing in other domain?

@agatha197 agatha197 marked this pull request as draft May 10, 2024 09:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kyujin-cho kyujin-cho kyujin-cho left review comments

@fregataa fregataa Awaiting requested review from fregataa

Assignees

@agatha197 agatha197

Labels
comp:manager Related to Manager component effort:easy Need to understand only a specific region of codes (good first issue, easy). impact:invisible This change is invisible to users (internal changes). size:M 30~100 LoC type:bug Reports about that are not working urgency:1 If no other duties are available, volunteer to help.
Projects
None yet
Milestone
24.03
Development

Successfully merging this pull request may close these issues.
2 participants
@agatha197 @kyujin-cho