Skip to content

Authorization for Blobs/Objects #1811

Description

@krowvin

Is your feature request related to a problem? Please describe.

Add the ability set specific users to be able to read and/or write certain files via required login.

Describe the solution you'd like
Make use of the work on

To allow the blob endpoint (objects) to be readable and/or writable by specific user lists/accounts.

Would like to see a role(s) added to support managing these user groups.

Ideally the blobs could also be in groups as well so that this does not require a 1 to many relation ship and could be many to many.

I.e.

Object group / blobs
forecasting-reports

  • forecast.txt
  • forecast.dss
  • forecast.json
  • etc

Users List
Forecast Users

Object group can map to User List

forecast-reports <-> Forecast Users
or
forecast.txt -> Forecast Users
or
forecast-reports <- bob@bob.com

Describe alternatives you've considered
Add files to S3 directly or place them in the public dir in our repo. Currently all blobs are listable.

Should this be worked on now, or wait and be done with the authorization work?

Additional context
Users currently place files places on the site and benefit from lack of discovery for unlisted content.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions