Per-Project Authorization

[thombergs]

Implement the following roles:

PlatformAdmin - has read and write access to every project in coderadar and can also change general settings of coderadar.

ProjectAdmin - a ProjectAdmin can configure a repository/project, that is analyzed by coderadar. E.g. he can change the file patterns that should be analyzed.

ProjectUser - a ProjectUser has read-only access to the projects he is assigned to.

The first user who logs in is the platform admin of coderadar. He can create projects and has the permission to make any other user an admin. There must at least be one platform admin at any time.

[thombergs]

blocked by #202

[jo2]

Wouldn't it be good start the coderadar platform in 'private mode' to prevent random users to log in before the intended platfromadmin and get admin permissions? This way the intended platformadmin could grant public access to the platform after setting all configurations.

[maximAtanasov]

I propose the following concept:

Each user in Coderadar gets assigned to a team and has privilleges for that team (Member, Admin, etc.)
Projects get assigned to a particular team (or multiple teams if that's desired).
Each user can then see which teams they're in and browse the projects for those teams.
Users with the admin role in a team can configure projects and add/remove other users.
If a user is not in any team yet and adds a project, then a new team with the project name is created.
The graph structure would look something like this:

What is everyone else's opinion on this?

[maximAtanasov]

completed in #411