Skip to content

Scoped groups

References: #395 (closed), #486 (closed), permission design blueprint.

Permission checks in Debusine will be based on groups, that are created inside scopes.

Groups for a scope have unique names within the scope: for example, the debian and lts scopes will both likely have distinct groups called admin.

We cannot customize Django's Group model to be unique by Scope, so we need to create a new Group model.

Note that User.groups already exists from Django, so we have to use User.debusine_groups.

Likely next actions:

  • Create a new Group model
  • Make Group unique by Scope
Edited by Enrico Zini
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information