Unless I'm mistaken, there is currently no authorization layer in Hubs. Nothing checks that only johnsmith can edit the johnsmith hub, or that only members of the design team can edit the designteam hub.
Is somebody working on that? Since I think we need it before we can consider a public release, I propose to find a library that would allow us to set and enforce those authorizations, and implement it in the current codebase. At the moment I think the main requirement is auth based on group membership. The library should allow us to assign people to groups based on their FAS groups, but I believe this is more the scope of the authentication library, so I shouldn't matter here.
What do you think? Is it a good time to start working on that?
I may be a little late to the meeting today. I have an appt 10-11, and
I'm not anticipating it taking the full hour, but if it does it'll take
me ~10 min to drive back home to hop on laptop. Sorry for the late
notice, I had thought it was 930-1030 until I checked my calendar this
Here's the meetbot minutes of today's meeting:
- Shillman is doing two prototype tests this week (originally scheduled to be in person but remote now bc of snow and some other issues)
- Sayan and rtnpro met about the ircb/hubs integration, minutes are here: https://meetbot.fedoraproject.org/meetbot/teams/waartaa-devel/waartaa-dev...
- Mo did a quick summary of the IRC meeting minutes in this meeting, check full log for it
- abompard and mizmo also had a discussion about next steps for the halp widget
- jcline catch up on irc design and make sure we can communicate with the irc network during the registration wizard
- mizmo to start working on updating / iterating irc chat / user list widget mockups
- mizmo to mock up config UI for halp widget
- abompard to investigate custom template for config UI; autocomplete and 'shopping list' for hubs
- mizmo to mock up config UI for setting hub IRC channel
- (shillman to complete two more prototype tests for regional hubs + document)