Feature Request: Restrict users to specificy identities when updating entities #9161
Labels
feature
use for describing a new feature to develop
needs triage
use to identify issue needing triage from Filigran Product team
Comments
samczsun
added
feature
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Use case
I would like a way to ensure that a given user can only create entities with certain author identities. This is so that when my instance is sharing data with another instance, I can assure that the data (which only contains the author, and not the creator) is correctly attributed such that a compromised or malicious user can't create data and forge the author as someone else. This then allows recipients of the data to confidently use the data they receive from my instance depending on which user created it.
Current Workaround
I could write a microservice to monitor for new intel and assert that the author field, if set, is an approved identity. However, native support would be preferred.
Proposed Solution
Similar to how a user can be members of an organization, allow admins to select from all existing identities a subset of authorized identities that a user can use.
If the feature request is approved, would you be willing to submit a PR?
I can try, but I'm not very familiar with this codebase and would not have much time to iterate on feedback
The text was updated successfully, but these errors were encountered: