local-it/mitgliederverwaltung
2
3
Fork 0
Code Issues 66 Pull requests 6 Projects 3 Releases Packages 1 Activity Actions

[FEATURE]: Authorization #376

New issue
Closed
opened 2026-01-27 13:23:37 +01:00 by simon · 1 comment
simon commented 2026-01-27 13:23:37 +01:00
Owner
Copy link

Description

Implement permission-based access control for groups, ensuring only administrators can manage groups while all users with member read permission can view them.

Estimated effort: 1-2h

Acceptance criteria

  • Groups added to all permission sets (read access for all, manage for admins only)
  • Authorization policies implemented for Group resource
  • UI permission checks implemented (hide create/edit/delete buttons for non-admins)
  • Only admins can create groups
  • Only admins can edit groups
  • Only admins can delete groups
  • All users with member read permission can view groups
  • Permission enforcement tested

External or internal Dependencies

  • All previous issues (Feature must be functional)
## Description Implement permission-based access control for groups, ensuring only administrators can manage groups while all users with member read permission can view them. **Estimated effort:** 1-2h ## Acceptance criteria - [ ] Groups added to all permission sets (read access for all, manage for admins only) - [ ] Authorization policies implemented for Group resource - [ ] UI permission checks implemented (hide create/edit/delete buttons for non-admins) - [ ] Only admins can create groups - [ ] Only admins can edit groups - [ ] Only admins can delete groups - [ ] All users with member read permission can view groups - [ ] Permission enforcement tested ## External or internal Dependencies - All previous issues (Feature must be functional)
simon added this to the Optional: I can group members milestone 2026-01-27 13:23:37 +01:00
simon added the
enhancement
S
 labels 2026-01-27 13:23:37 +01:00
simon added this to the Sprint 11: 08.01-29.01 project 2026-01-27 13:23:37 +01:00
simon self-assigned this 2026-01-28 10:52:40 +01:00
simon modified the project from Sprint 11: 08.01-29.01 to Sprint 12: 29.01.- 19.02 2026-01-29 11:16:40 +01:00
moritz commented 2026-02-04 12:10:51 +01:00
Owner
Copy link

Done in #404
But I decided for now to manage group via normal_user role (write access for member editing) because groups are a similar concept like CustomFieldValues for member filtering. We can talk in our next meeting if this make sense.

Done in https://git.local-it.org/local-it/mitgliederverwaltung/issues/404 But I decided for now to manage group via normal_user role (write access for member editing) because groups are a similar concept like CustomFieldValues for member filtering. We can talk in our next meeting if this make sense.
Sign in to join this conversation.
main
Branches Tags
Clear current reference
main
renovate/renovate-renovate-43.x
renovate/ghcr.io-sebadob-rauthy-0.x
renovate/mix-dependencies
feature/export_csv
feature/ui-for-adding-members-groups
feature/373-member-view-groups-integration
speed-up-drone
persist-sort-order
feature/128_playwright_a11y_test
feature/backpex-migration
feature/backpex_translation
feature/36_add_primerlive
Clear current reference
No results found.
Labels
Clear labels   
bug

Something is not working

  
duplicate

This issue or pull request already exists

  
enhancement

New feature

  
help wanted

Need some help

  
high priority

   
invalid

Something is wrong

  
L

5 h

  
low priority

   
M

3 h

  
medium priority

   
needs refinement

   
optional

   
question

More information is needed

  
S

1 h

  
UX research

   
wontfix

This won't be fixed

No labels
bug
duplicate
enhancement
help wanted
high priority
invalid
L
low priority
M
medium priority
needs refinement
optional
question
S
UX research
wontfix
Milestone
Clear milestone
No items
No milestone
Optional: I can group members
Projects
Clear projects
No items
No project
Sprint 12: 29.01.- 19.02
Assignees
Clear assignees
No assignees
simon
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: local-it/mitgliederverwaltung#376
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?