Currently, controller lacks a permission management system, which poses significant security risks. This issue is used to track issues related to the permission management framework:
Technical Proposal
We plan to use Casbin for authz (authorization).
For authc (authentication), we will support the local user system (for small-scale testing purposes only), OIDC, and the gateway.
Specific implementation details will be discussed in the corresponding sub-issues.
Sub-issues
Currently, controller lacks a permission management system, which poses significant security risks. This issue is used to track issues related to the permission management framework:
Technical Proposal
We plan to use Casbin for authz (authorization).
For authc (authentication), we will support the local user system (for small-scale testing purposes only), OIDC, and the gateway.
Specific implementation details will be discussed in the corresponding sub-issues.
Sub-issues