coollabsio
[Bug]: Team Member Permissions
Description
The current permission structure for team grants the same level of deletion authority to all team members, irrespective of their role (owner, admin, or regular member). This means that any team member has the authority to delete any deployed service or project, regardless of who created it.
Minimal Reproduction (if possible, example repository)
Proposed Permission Structure:
Owner:
- Has full access to manage all services and projects.
- Can create, edit, delete, deploy, and view all projects.
- Deployed services and projects remain hidden by default until explicitly exposed by the owner. Admin:
- Can manage and delete services and projects created by members, but not those created by the owner. Member:
- Can only delete their own deployments.
- Can view and collaborate on assigned projects.
Bonus: Consider a "User" role for a Non-Technical Member.
- Can deploy required Template
- Gets direct link access.
- Delete own deployments.
- limited side bar items
Deployed services and projects remain hidden by default unless granted specific access by owner or admin.
Exception or Error
No response
Version
v4.0.0-beta.285
Id need this to work as expected as well. The possibility of any team member having root level privileges (especially through "command center") is too much of a concern to move everything to coolify for me.
In fact, this is a situation that has also bothered me.
It is a very dangerous hierarchical logic flaw, especially for companies that use Coolify as a solution, I hope that this wonderful team that provides us with such a useful tool like this can fix this bug.
Any Chance to give a user only access to one Resource without giving access to the entire Team?
