Skip to content

Role based access control#72

Open
tekrajchhetri wants to merge 27 commits intomainfrom
user-rbac
Open

Role based access control#72
tekrajchhetri wants to merge 27 commits intomainfrom
user-rbac

Conversation

@tekrajchhetri
Copy link
Copy Markdown
Collaborator

@tekrajchhetri tekrajchhetri commented May 4, 2026
edited
Loading

This PR adds the RBAC.

Please note that it also contains some old design doc info and can be ignored for this review.

Important: Merge #73 first before merging this.

tekrajchhetri and others added 27 commits February 5, 2026 14:06
@tekrajchhetri
images from poc and bbqs work from slack
b006711
@tekrajchhetri
design document for pi-grants-skills kg
b30502f
@tekrajchhetri
time added
d433500
@tekrajchhetri
removed "RDF-based Knowledge Graph"
33ab5d2
@tekrajchhetri
admin mermaid diagram added
1b362ed
@tekrajchhetri
Data Flow diagram added
e0f05e4
@tekrajchhetri
potential API endpoints added
a5fef76
@tekrajchhetri
added requirements and cleaned.
0d62a0a
@tekrajchhetri
UI info added
6b29e06
@tekrajchhetri
Update UI implementation guidelines for Next.js
111a874 
Emphasize component reusability and modular design in UI implementation using Next.js.
@tekrajchhetri
removed line
d636226
@tekrajchhetri
Merge branch 'design_docs' of github.com:sensein/BrainKB into design_…
0e1565c 
…docs
@tekrajchhetri
Create PI-Grant-Skills-Research-microservice.md
64ee4d2
@tekrajchhetri
Create PI-Grant-Skills-Research-model.md
ed4decc
@tekrajchhetri
removed Implementation (API Endpoints)
31c45b3
@tekrajchhetri
moved Sequence diagram and paper references added
1d7b621
@tekrajchhetri
Update requirements.txt
b48c17c
@tekrajchhetri
Update env.template
0389999
@tekrajchhetri
updated database to include OAuthIdentity information
6a2fb56
@tekrajchhetri
oauth + rbc information added
4c4f235
@tekrajchhetri
env variable info updated
b7a0a6f
@tekrajchhetri
globus + oauth handle for token generation
180e1f6
@tekrajchhetri
updated user management to store profile information + globus integra…
a32fc41 
…tion + oauth handling
@tekrajchhetri
added usermanagement
d2316ed
@tekrajchhetri
check diff env variables
3694364
@tekrajchhetri
Create README.unified-docker.md
b930756
@tekrajchhetri
Merge branch 'main' into user-rbac
17456bf
gemini-code-assist[bot]
gemini-code-assist Bot reviewed May 4, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@gemini-code-assist gemini-code-assist Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request integrates the usermanagement_service into the unified Docker deployment and significantly expands its functionality. Key additions include OAuth authentication support for GitHub, ORCID, and Globus, a comprehensive role-based access control (RBAC) system with permissions and page-level restrictions, and administrative capabilities such as user banning. The update also introduces an environment variable drift detection script and detailed design documentation. Review feedback identifies a security risk concerning encryption key fallbacks, data integrity concerns during profile deletion, and a recommendation to use SQLAlchemy's expression language for database queries to ensure consistency.

Comment thread usermanagement_service/core/security.py
Comment thread usermanagement_service/core/routers/user_management.py
Comment thread usermanagement_service/core/database.py
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@djarecka djarecka Awaiting requested review from djarecka

@puja-trivedi puja-trivedi Awaiting requested review from puja-trivedi

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tekrajchhetri