Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Support for change approval #117

Closed
6 tasks
rajdip-b opened this issue Feb 8, 2024 · 2 comments
Closed
6 tasks

Support for change approval #117

rajdip-b opened this issue Feb 8, 2024 · 2 comments
Assignees
@rajdip-b
Labels
help wanted Extra attention is needed scope: api Everything related to the API type: enhancement New feature or request
Milestone
Release v1

Comments

@rajdip-b
Copy link
Member

rajdip-b commented Feb 8, 2024

Description

Currently, anyone with the permissions can change anything they want. While this is good for small projects, as and when they grow, we would appreciate a little bit more control over how our data is modified.

That's when approvals can help us. Every workspace will have the option to opt in to approvals. If enabled, every change will go through a process of the workspace admins verifying the changes by themselves before they go live.

The target entities of change would be these:

  • Secret
  • Project
  • Environment
  • Configuration
  • Workspace role
  • Workspace Membership

Doing any sorts of update, creation or deletion will trigger these approval requests.

Solution

To implement this feature, we would need to add another entity in the prisma.schema file. Although we are open to discussions about the structure, we would really like to emphasize on the factor of accountability. An example schema might look something like this:

id    String
title    String
createdOn    Date
approvedOn    Date
rejectedOn    Date
status    PENDING|APPROVED|REJECTED
approvedBy    User
rejectedBy    User

project    Project?
environment    Environment?
workspaceRole    WorkspaceRole?
workspaceMembershiopp    WorkspaceMember?
secret    Secret?
configuration    Configuration?

After this, we would need a fully working CRUD API under /api/approval to manage the approvals. Note that only users with MANAGE_APPROVAL can act (approve/reject/view) the approvals of other users. Although, users can view their own approval requests.

Additional context

  • Add new entity in prisma.schema
  • Add module, controller and service
  • Add helper functions if required
  • Update existing UPDATE, CREATE, DELETE functionalities of the target entities to send in an approval request if workspace has approval flow enabled
  • Add appropriate unit tests
  • Add appropriate e2e tests
@rajdip-b rajdip-b added type: enhancement New feature or request help wanted Extra attention is needed scope: api Everything related to the API labels Feb 8, 2024
@rajdip-b rajdip-b added this to the Release v1 milestone Feb 8, 2024
@rajdip-b rajdip-b moved this to Todo in keyshade-api Feb 8, 2024
@rajdip-b rajdip-b mentioned this issue Feb 8, 2024
Closed
@rajdip-b rajdip-b self-assigned this Feb 26, 2024
@rajdip-b rajdip-b moved this from Todo to In progress in keyshade-api Feb 26, 2024
@rajdip-b
Copy link
Member Author

Change approval support

@rajdip-b
Copy link
Member Author

Fixed by #158

@github-project-automation github-project-automation bot moved this from In progress to Done in keyshade-api Apr 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rajdip-b rajdip-b

Labels
help wanted Extra attention is needed scope: api Everything related to the API type: enhancement New feature or request
Projects
keyshade-api
Status: Done
Milestone
Release v1
Development

No branches or pull requests
1 participant
@rajdip-b