notifications icon indicating copy to clipboard operation
notifications copied to clipboard
verified publisher icon opensearch-project

[FEATURE] - Add setting to control user access

Open markdboyd opened this issue 2 months ago • 1 comments

Is your feature request related to a problem?

Currently, this plugin has hard-coded logic to allow users to access each other's notification objects if they share any backend roles:

https://github.com/opensearch-project/notifications/blob/main/notifications/notifications/src/main/kotlin/org/opensearch/notifications/security/UserAccessManager.kt#L60

We would like to support limiting access to users who share all backend roles, not just one.

What solution would you like?

We would like to support limiting access to users who share all backend roles, not just one.

Perhaps a setting could be added to the plugin settings allowing control over how much backend roles are evaluated to determine access. The options could be:

  • intersect - The current behavior where users sharing any roles will have access
  • all - The new behavior where users have to share all backend roles to have access

What alternatives have you considered?

None

Do you have any additional context? Add any other context or screenshots about the feature request here.

markdboyd avatar Oct 03 '25 20:10 markdboyd

Catch All Triage - 1 2 3

@toepkerd can a maintainer take a look at this feature request?

/cc @cwperks

andrross avatar Oct 27 '25 16:10 andrross