Rahmat Hidayat
Rahmat Hidayat
for a case when the invitation is not accepted by the user, we might need another access status called `canceled`/`ignored`
@ravisuhag we're assuming the invitation-based membership might be common for other providers (need to validate further). That aside, IMO `pending` and `canceled/ignored` statuses still can be relevant to `access` even...
@ravisuhag @AkarshSatija @mabdh @bsushmith @singhvikash11 need your help to go through this rfc 🙏
> There should be an admin page and the admin/approver could revoke this access from users later. @singhvikash11 currently anyone with the revoke API access can revoke any appeals, it's...
found an edge case: since provider resources are not synced to guardian in real time, when importing existing access from provider, there might be a chance it contains access from...
Have thought of merging this import access with the existing `FetchResources` process since for import access we are doing it for every resource in the provider. We can rename `FetchResources`...
as discussed, we will keep both processes decoupled until we see better use cases or requirements for that. Import Access will still be done through an API but user can...
If later we decided to do this, I vote for working on https://github.com/odpf/guardian/issues/242 first before working on this issue, so that we can have more confidence on the tests after...
this relates to https://github.com/odpf/guardian/issues/128, having dry-run capability on creating policy can help to validate the policy config
Instead, we can just have an enable/disable flag in the policy to allow users to create an appeal for another user to make it more straightforward. Also other things to...