Three-tier project visibility & admin role editing #40

Merged
qwc merged 1 commit from feature/project-visibility-global-access into main 2026-02-04 14:43:53 +01:00
Owner

Summary

Implements issue #37: Replace the binary public/private project model with a three-tier visibility system and add admin role editing.

Visibility Model

| Visibility | Who can view | Governed by |
|---|---|---|
| `public` | Anyone, including anonymous | — |
| `private` | Authenticated users in the global access list | `access.private` config + admin UI |
| `custom` | Only users with explicit per-project access | Per-project access grants |

Migration: is_public=true → public, is_public=false → custom (preserves current behavior exactly).

Key Changes

  • DB migration: Add visibility column, migrate from is_public (all 3 dialects)
  • Global access system: New global_access and global_access_grants tables for private visibility
  • Config: New access.private section with users, LDAP groups, and OAuth2 groups
  • Auth sync: LDAP/OAuth2 group membership resolved into global access grants at login
  • Admin UI: Visibility dropdown replaces checkbox; inline role editing on users page; new Global Access admin page
  • Built-in docs: Updated for the new visibility model

Commits (10)

  1. DB migration for visibility column
  2. Model & store changes (IsPublic → Visibility)
  3. Global access tables and store
  4. Config section & startup sync
  5. Access check logic for three-tier model
  6. LDAP/OAuth2 global access sync at login
  7. Admin UI updates (visibility select, inline role editing)
  8. Built-in documentation updates
  9. Cleanup (.gitignore)
  10. Admin UI for global access rules

Test plan

  • go test ./... passes
  • Existing public projects remain publicly accessible
  • Existing non-public projects remain accessible only to assigned users (migrated as custom)
  • New project with private visibility: only users/groups in global access list can view
  • Admin can manage global access rules via Admin > Global Access page
  • Admin can change user's global role from the users page
  • LDAP/OAuth2 users get global access resolved at login from group membership
  • API returns visibility field instead of is_public

Closes #37

🤖 Generated with Claude Code
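
The visibility table and migration mapping above, written out as an access check. This is an added example, not code from this pull request or the project: the `User` and `Project` types and the `CanView` and `MigrateVisibility` names are hypothetical. It assumes that `private` consults only the global access list, and that an unrecognized visibility value is denied.

```go
package main

import "fmt"

// Visibility values as named in the PR description.
const (
	VisPublic  = "public"
	VisPrivate = "private"
	VisCustom  = "custom"
)

// User is a hypothetical stand-in; a nil *User is an anonymous request.
type User struct{ ID int64 }

// Project is a hypothetical stand-in; Grants holds per-project access by user ID.
type Project struct {
	Visibility string
	Grants     map[int64]bool
}

// MigrateVisibility applies the stated mapping from the old is_public flag.
func MigrateVisibility(isPublic bool) string {
	if isPublic {
		return VisPublic
	}
	return VisCustom
}

// CanView follows the table row by row. globalAccess is the set of user IDs
// resolved into the global access list. Unknown values fail closed (assumption).
func CanView(p Project, u *User, globalAccess map[int64]bool) bool {
	switch p.Visibility {
	case VisPublic:
		return true
	case VisPrivate:
		return u != nil && globalAccess[u.ID]
	case VisCustom:
		return u != nil && p.Grants[u.ID]
	default:
		return false
	}
}

func main() {
	global := map[int64]bool{1: true} // constructed sample data
	legacy := Project{Visibility: MigrateVisibility(false), Grants: map[int64]bool{2: true}}
	fmt.Println("global-list user on migrated project:", CanView(legacy, &User{ID: 1}, global))
	fmt.Println("granted user on migrated project:", CanView(legacy, &User{ID: 2}, global))
}
```

The case worth testing in a migration like this is the first one printed: a project that was non-public before the change must not become visible to everyone in the global access list.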

Add admin UI for global access rules
All checks were successful
CI / test (pull_request) Successful in 1m11s
CI / build (pull_request) Successful in 56s
CI / docker (pull_request) Has been skipped
144b1eda8a
New Global Access page under Admin for managing who can access
private-visibility projects. Supports adding/deleting rules for
users, LDAP groups, and OAuth2 groups. Config-sourced rules are
shown but cannot be deleted via UI.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
qwc merged commit 2a28a1979e into main 2026-02-04 14:43:53 +01:00
qwc deleted branch feature/project-visibility-global-access 2026-02-04 14:43:53 +01:00
Reference
qwc-open/asiakirjat!40