Skip to content

[DMS-845] Auth redesign #774

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bradbanister merged 5 commits into from
Dec 19, 2025
Merged

[DMS-845] Auth redesign #774

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
850f763
[DMS-845] Auth redesign
bradbanister Dec 10, 2025
f77e2e4
Typos
bradbanister Dec 16, 2025
e28fe85
[DMS-845] clarity on within vs cross-strategy filtering predicates
bradbanister Dec 16, 2025
27ef7c9
[DMS-845] Idea for better performing recomputes
bradbanister Dec 17, 2025
8c0385a
Merge branch 'main' into DMS-845
bradbanister Dec 19, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Typos 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
  • Loading branch information
@bradbanister
bradbanister and Copilot authored Dec 16, 2025
commit f77e2e44be1744573f2d5fa2986117037d7f5232
10 changes: 5 additions & 5 deletions reference/design/auth/auth-redesign-subject-edorg-model.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,7 @@ Notes:
- Future pathways (e.g., ProgramParticipation) can be added by introducing new
enum values.
- The combination `(SubjectType, SubjectIdentifier, Pathway)` can always be recomputed
from the corresponding relationship documents, see synchronization design is section 6.
from the corresponding relationship documents, see synchronization design in section 6.
- `Pathway` is a `smallint` with a locked mapping in `dms.AuthorizationPathway` (section 4.3).

### 3.4 EducationOrganization Hierarchy
Expand Down Expand Up @@ -326,7 +326,7 @@ responsibility”).
### 4.3 Locking Down `SubjectType` and `Pathway` Identifiers

This design stores `SubjectType` and `Pathway` as `smallint` for compact keys
and fast joins. However, using ad-hoc numeric enums is fragile: if the numeric
and fast joins. However, using ad hoc numeric enums is fragile: if the numeric
values drift between deployments (or between C# code and database seed data),
authorization can silently misbehave.

Expand Down Expand Up @@ -894,7 +894,7 @@ Notes:
- GIN on `QueryFields` filters by query parameters before paging.
- `DocumentSubject` + `SubjectEdOrg` joins are backed by narrow B‑tree indexes,
enabling fast existence checks.
- `totalCount` requests uses the same `WHERE` (including the `EXISTS`)
- `totalCount` requests use the same `WHERE` (including the `EXISTS`)
against `DocumentIndex`

### 7.2 Namespace‑Based and Other Non‑Relationship Auth
Expand Down Expand Up @@ -925,7 +925,7 @@ either as:
used in the write pipeline over `EdfiDoc` and the resource schema.
3. Invoke `ResourceAuthorizationHandler` for the `ExistingData` phase with the
appropriate strategies and the in‑memory `DocumentSecurityElements`.
3. Validators use `IAuthorizationRepository` (which now reads `SubjectEdOrg`)
4. Validators use `IAuthorizationRepository` (which now reads `SubjectEdOrg`)
to ensure at least one relevant subject membership intersects the caller’s
EdOrg filters.

Expand Down Expand Up @@ -1031,7 +1031,7 @@ All **database‑level** authorization logic that previously relied on

---

## 12. Open Questions and Future Enhancements
## 10. Open Questions and Future Enhancements

Areas for future refinement include:

Expand Down
Loading