This is an archived project. Repository and other project resources are read-only.

Implement RBAC for S3Keys

S3 Keys

List Key

GET /users/:id/keys
Permission s3_key:list

S3PS asks AS if user is allowed to request this resource
Nobody can list keys of other users

Get Key

GET /users/:id/keys/:access_id
Permission s3_key:read

S3PS asks AS if user is allowed to request this resource
Nobody can access keys of other users

Create Key

POST /users/:id/keys
Permission s3_key:create

S3PS asks AS if user is allowed to create this resource
Nobody can create keys for other users

Delete Key

DELETE /users/:id/keys/:access_id
Permission s3_key:delete | s3_key:delete_any

S3PS asks AS if user is allowed to create this resource
Permission s3_key:delete_any can delete keys for other users

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information