Implement user roles and permissions for Admin UI #37

@niteshpurohit

Feature Request

Description:

Implement a role-based access control (RBAC) system for the Admin UI, allowing different levels of access (e.g., viewer, editor, admin) for managing materialized views.

Use Case:

In larger teams, it's important to control who can create, edit, or refresh materialized views. For example, a business analyst might have view-only access, while a data engineer has full control.

Proposed Solution:

  • Define a set of roles (e.g., :viewer, :editor, :admin).
  • Provide a way to map these roles to the host application's current_user (e.g., via a lambda in the initializer).
  • Enforce permissions in the UI and API endpoints based on the user's role.

RSpec Tests:

  • Configure the authorization callback for different roles.
  • (UI) As a 'viewer', visit the dashboard and verify that 'edit' and 'new' buttons are not visible.
  • (UI) As an 'editor', verify that CRUD buttons are visible and functional.
  • (API) Send a DELETE request as a 'viewer' and verify it is rejected with a 403 Forbidden status.

Checklist:

  • I have searched for a similar feature request and didn't find any duplicates.
  • I have included all the required information.
  • I have tagged the issue with the label "enhancement".
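
One way the proposed role mapping and enforcement could look, as an added sketch that is not part of the issue or the project's code. The `AdminAuthz` module, its action names, the per-role action sets, and the 401 for a missing user are all assumptions; the check denies by default, so unknown roles and resolver errors get no access.

```ruby
require "set"

# Hypothetical module: names and action sets are assumptions, not the gem's API.
module AdminAuthz
  CRUD = %i[index show create update destroy refresh].freeze
  # Explicit allow-list per role; nothing is inherited implicitly.
  PERMISSIONS = {
    viewer: Set[:index, :show],
    editor: Set.new(CRUD),
    admin:  Set.new(CRUD + [:configure]) # :configure is an assumed admin-only action
  }.freeze

  class << self
    # The host app supplies a lambda mapping its current_user to a role.
    attr_writer :role_resolver

    def role_for(user)
      return nil if user.nil? || @role_resolver.nil?
      role = @role_resolver.call(user)
      role = role.to_sym if role.respond_to?(:to_sym)
      PERMISSIONS.key?(role) ? role : nil # unknown role: no access
    rescue StandardError
      nil # a failing resolver fails closed
    end

    def allowed?(user, action)
      role = role_for(user)
      !role.nil? && PERMISSIONS.fetch(role).include?(action.to_sym)
    end

    # Status an API endpoint would return before running the action.
    def status_for(user, action)
      return 401 if user.nil? # assumption: unauthenticated is distinct from forbidden
      allowed?(user, action) ? 200 : 403
    end

    # Actions the UI may render buttons for; server-side checks still apply.
    def visible_actions(user)
      role = role_for(user)
      role ? PERMISSIONS.fetch(role).to_a : []
    end
  end
end

# Constructed sample user type; the host app's own model would stand here.
User = Struct.new(:name, :role)
AdminAuthz.role_resolver = ->(user) { user.role }
```

Hiding buttons with `visible_actions` only shapes the UI; `status_for` (or its equivalent) has to run on every endpoint, since a request can be sent without the button.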

Metadata

Assignees: No one assigned
Labels: enhancement (New feature or request)
Status: Backlog