Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug(permissions): handle DL / group emails for the permissions #327

Open
zereraz opened this issue Feb 18, 2025 · 0 comments
Open

bug(permissions): handle DL / group emails for the permissions #327

zereraz opened this issue Feb 18, 2025 · 0 comments
Labels
bug Something isn't working permissions anything related to the permission engine and rbac

Comments

@zereraz
Copy link
Contributor

zereraz commented Feb 18, 2025

As of now we don't handle permissions correctly for distribution list or group emails in google workspace.
Example: legal@xynehq.com we would put as is.

We need to add support for this in the permission aware RAG.

We would probably need these permissions

https://www.googleapis.com/auth/admin.directory.group.readonly
https://www.googleapis.com/auth/admin.directory.group.member.readonly

Then we keep syncing it.

Edge case:

  • If someone is removed or added to a group mail, how to know what files to update the permission to. This has perf implications too
  • Since we use Set for permissions, what if group email is removed but a user part of the group email still has access to a doc.
@zereraz zereraz added bug Something isn't working permissions anything related to the permission engine and rbac labels Feb 18, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working permissions anything related to the permission engine and rbac
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@zereraz