Support multiple LDAP groups per role #3

New Issue

nathan · 2024-01-05T15:31:10+11:00

nathan commented

2024-01-05 15:31:10 +11:00

Move LDAP groups out of Roles table and create a separate table that maps LDAP group to role, allowing many-to-one relationship between groups and role.

nathan commented

2024-01-08 21:40:06 +11:00

If we remove GroupId as a Foreign Key constraint on the users table, and create a new user-to-group mapping table, then a user can be a member of multiple groups.

Currently, a user can be a member of only one group. A group can be added to multiple safes. Multiple groups can be added to one safe, either readonly or readwrite.

If we remove GroupId as a Foreign Key constraint on the users table, and create a new user-to-group mapping table, then a user can be a member of multiple groups. Currently, a user can be a member of only one group. A group can be added to multiple safes. Multiple groups can be added to one safe, either readonly or readwrite.

nathan commented

2024-01-08 21:41:23 +11:00

So a user can have access to multiple safes.
A group can have access to multiple safes.
But a user can't be a member of more than one group. That seems ok to me.

So a user can have access to multiple safes. A group can have access to multiple safes. But a user can't be a member of more than one group. That seems ok to me.

nathan commented

2024-01-11 14:54:12 +11:00

Resolved by removing the concept of roles altogether.

nathan closed this issue

2024-01-11 14:54:12 +11:00

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: nathan/smt#3