ballerine-io / ballerine

Open-source infrastructure and data orchestration platform for risk decisioning

Home Page:https://www.ballerine.com


Enable Role-Based Access Control on Backend endpoints

alonp99 opened this issue

Task Definition

What?
Introduce Role-Based Access Control (RBAC) on the backend by adding roles decorators and guards to restrict access to certain endpoints based on user roles.

Why?
To ensure that sensitive operations (e.g., making decisions on a case) are only accessible by users with appropriate roles, enhancing security and operational integrity.

How?

  • Follow the guide provided in the reference article: Role-Based Access Control in NestJS.
  • Implement a Roles decorator to annotate endpoints with required roles.
  • Create a RolesGuard that checks authenticated users' roles against those required by an endpoint.
  • Integrate this guard with the application's global security context.
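The decorator and guard described in the steps above, as an added example that is not Ballerine's code and not taken from the referenced article: NestJS's SetMetadata/Reflector are stood in for by a Map keyed by route handler so the logic runs without the framework, and the role names, handler names and user shape are assumptions. Note that a handler with no Roles metadata passes this guard, so authentication itself must be enforced by a separate guard.

```typescript
// Added example: Roles decorator and RolesGuard logic without NestJS.
// NestJS's SetMetadata/Reflector are replaced by a Map keyed by route handler (assumption).
type Role = 'admin' | 'reviewer' | 'viewer'; // constructed role names
type Handler = (...args: unknown[]) => unknown;

const requiredRolesByHandler = new Map<Handler, Role[]>();

// Roles(...): records which roles a handler requires, as @Roles() would via SetMetadata.
function Roles(...roles: Role[]) {
  return <T extends Handler>(handler: T): T => {
    requiredRolesByHandler.set(handler, roles);
    return handler;
  };
}

interface AuthenticatedUser { id: string; roles: Role[] }
interface RequestLike { user?: AuthenticatedUser }

// The two parts of a NestJS ExecutionContext that RolesGuard actually reads.
interface ContextLike {
  getHandler(): Handler;
  switchToHttp(): { getRequest(): RequestLike };
}

class RolesGuard {
  canActivate(context: ContextLike): boolean {
    const required = requiredRolesByHandler.get(context.getHandler());
    // No Roles metadata: this guard does not decide; authentication is enforced elsewhere.
    if (!required || required.length === 0) return true;
    const user = context.switchToHttp().getRequest().user;
    // Fail closed: a missing or malformed user never satisfies a role requirement.
    if (!user || !Array.isArray(user.roles)) return false;
    return required.some((role) => user.roles.includes(role));
  }
}

// Constructed controller handlers: deciding on a case is restricted, listing is not.
const decideOnCase = Roles('admin', 'reviewer')(() => 'decision recorded');
const listCases: Handler = () => 'cases';

function contextFor(handler: Handler, user?: AuthenticatedUser): ContextLike {
  return { getHandler: () => handler, switchToHttp: () => ({ getRequest: () => ({ user }) }) };
}

// Runs the guard the way NestJS would for a request routed to `handler`.
function isAllowed(handler: Handler, user?: AuthenticatedUser): boolean {
  return new RolesGuard().canActivate(contextFor(handler, user));
}
```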

Acceptance Criteria:

  • Roles decorator and RolesGuard are implemented and functional.
  • Only users with appropriate roles can access restricted endpoints.
  • Documentation is updated to reflect how to use these new RBAC features.