Cap-go
rights system
Describe the bug/issue Capgo access right list
admin ( allow impersonation) User account self access User account self delete Org write Org read ( outside of billing ) Org usage read Org billing write Org billing read Org users write Org users read Apps update Apps create Apps read App id write App id reqd Channels update Channels create Channels read Channels logs read Channel id write Channel id read Channel id log read Devices write Devices read Devices Logs read Bundles edit Bundles create Bundles read
then api key should switch to use the same system bur for them we will check twice in RLS once for the APIKEY itself and one for the user it belong to.
there is no more order of rights, or you have it or not
When user is added to org we will propose or to use basic preset or allow custom for each in the list.
Admin of the org should be granted all rights in the list ( there is no more rights orders)
If channel allow override, it should be add to all users as read who don’t have channels right. Or allow it in RLS by default
Override should be maybe renamed public, and should be default true (maybe )
We need to write migration for current right system for org + api key
Self access is a basic right user should have to use any auth access. When user delete his account but was part of org he doesn’t own he will not be deleted
