Details
-
Type: New Feature
-
Status: Open
-
Priority: Major
-
Resolution: Unresolved
-
Affects Version/s: None
-
Fix Version/s: Short Term
-
Component/s: None
-
Labels:None
Description
Since our own use case for limiting access is rather specific, we're going to implement a modular access restriction system for support departments.
We will create something similar to the Order System antifraud setup where we have a directory (something like support_manager/components/department_restriction) and a factory + interface for fetching implementations.
Each implementation should have a name (to show in a dropdown selector) as well as a function for fetching necessary input fields, one for validating the data, and one for evaluating a user's access (non-authenticated users may need to be considered).
We'll want to ship with two options to start. One as described in CORE-4172 that limits access to having an active service from a list of selected packages. Then another that specifically integrates with the license system to see if the user has a service with valid support and updates (using logic that already should exist somewhere). This should give an error if the license module is not installed.
Issue Links
- duplicates
-
CORE-4172 Support Manager: Package restrictions by department
- Closed