We have logins but they dont control access, access will be defined in the project config json as a project owner (1 email that can access) and from the rds isaric-auth db.
How the db will work is project owner can add via a modal another email that can access the project.
Access control will therefore be:
- is project public (is_public flag in json)
- is project_owner (project_owner filed in json)
- has a project_user entry in project_users table, this can only be added if logged in as project_owner
We have logins but they dont control access, access will be defined in the project config json as a project owner (1 email that can access) and from the rds isaric-auth db.
How the db will work is project owner can add via a modal another email that can access the project.
Access control will therefore be: