PostHog
feat: WIP rbac
Problem
Very WIP - testing out ideas and feasability
Changes
- Major refactor of how we do permissioning at an object and resource level.
- Standardises ExplicitTeamPermissions, FeatureFlag access, DashboardCollaborators all into a single
AccessControlconcept. - Allows configuring of AccessControls at an object level (i.e. No one can access my Notebook by default unless I give them access)
- Allows configuring of AccessControls at a resource level (i.e. Generally is someone able to edit Feature flags or not)
- AccessControls can be specified per-user or per-role
TODO
- [x] Base UI
- [x] Replace ExplictTeamMembership UI with new one
- [x] Make default be "all access" with ability to change it to no access.
- [x] Change routes to always be actions of other endpoints (for editing)
- [x] Add indicator of whether you can edit access or not
- [x] Replace FeatureFlag Permissions UI with new one
- [x] Replace Roles UI with new one
- [x] Make the default be "view"
- [ ] Fix it so you can deselect an override
- [x] Put back in paygate controls
- [x] Feature flag it
- [ ] How to add an access control as you create? If we don't default to scoped to the user then what do we do đ¤
- [x] Implement new permissions for Projects
- [x] Implement new permissions for main things for now - Dashboards, Insights, Flags, Notebooks, Experiments, Surveys, Plugins, EAF
- [x] Fix clashing permissions issues...
- [ ] Fix nested things like for dashboards -> insights
- [x] Account for the creator of a thing should always be able to see the thing (i guess?)
- [x] Optimize caching of various DB calls
- [x] Fix listing of resources to include access control info efficiently
Follow up / out of scope
https://github.com/PostHog/posthog/issues/21222
đ Stay up-to-date with PostHog coding conventions for a smoother review.
How did you test this code?
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
Size Change: +285 B (0%)
Total Size: 1.05 MB
âšī¸ View Unchanged
| Filename | Size | Change |
|---|---|---|
frontend/dist/toolbar.js |
1.05 MB | +285 B (0%) |
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 1, diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
7 snapshot changes in total. 0 added, 7 modified, 0 deleted:
-
chromium: 0 added, 7 modified, 0 deleted (diff for shard 1, diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
4 snapshot changes in total. 0 added, 4 modified, 0 deleted:
-
chromium: 0 added, 4 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
2 snapshot changes in total. 0 added, 2 modified, 0 deleted:
-
chromium: 0 added, 2 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
3 snapshot changes in total. 0 added, 3 modified, 0 deleted:
-
chromium: 0 added, 3 modified, 0 deleted (diff for shard 1, diff for shard 2) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.
đ¸ UI snapshots have been updated
1 snapshot changes in total. 0 added, 1 modified, 0 deleted:
-
chromium: 0 added, 1 modified, 0 deleted (diff for shard 1) -
webkit: 0 added, 0 modified, 0 deleted
Triggered by this commit.
đ Review this PR's diff of snapshots.