Source code rules - Collaborate with Design Pod for RBAC

Goal

The goal of this issue is to evaluate collaboration between Framework for source code rules and the RBAC framework.

With the ongoing work in Design Pod for RBAC, we need to consider how these 2 frameworks should coexist both from a product standpoint, but also from a collaborative effort standpoint.

Overlaps

• Source code rules likely consume roles, users, and groups
• Both frameworks control who can do what

Differences

• Source code rules are more focused on the feature than user
• Source code rules have configuration of features
• Source code rules are sometimes triggered by an event
• may vs must
  • RBAC:: <user_role>may:{perform action}
  • Rules:: <user_role, system_object>must:{perform action}.

Intersection

Decision

Source code rules will be a consumer of the roles and possibly build a connection back to RBAC
Thread