packit-service icon indicating copy to clipboard operation
packit-service copied to clipboard
verified publisher icon packit

Permission checks are done per-job, not per-installation

Open lachmanfrantisek opened this issue 2 years ago • 3 comments

This task is to not do any permission check right after the Packit service setup but to do it on a job-level basis.

Why?

  • We already have a few job-only checks.
  • We don't need to require permissions that are not relevant when a user doesn't use a particular job.
  • For GitLab, the automatic FAS mapping after the installation does not work => we need to handle this somehow. (Related to #1707 )
  • Requirements can be more easily documented and the reasoning is easier to provide.

TODO:

  • [x] #1964 (:exclamation: high priority)
  • [ ] ~#1990 (:exclamation: high priority)~
  • [ ] ~#2052 (:exclamation: high priority)~
  • [ ] #1850 (lowe priority)
  • [ ] packit/packit.dev#620 (low priority)
  • [ ] #1965 (low priority)

lachmanfrantisek avatar Jan 16 '23 11:01 lachmanfrantisek

Output from Packit 2023/Q1 planning meeting:

  • What's the benefit? easier, clearer installation for the users; better UX in general

  • Who will benefit? all (new) users

lbarcziova avatar Jan 16 '23 13:01 lbarcziova

After a team discussion, we didn't pick this as a top Packit team priority for the next quarter and preferred epics with bigger user benefits. (Sadly, we have limited resources.) If anyone wants to help us with this, we will be really glad. We are open to any collaboration and have successfully implemented/started multiple affords thanks to people outside of the Packit team.

lachmanfrantisek avatar Sep 27 '23 13:09 lachmanfrantisek