Permissions Re-Architecture RBAC to ABAC

Description

Full Spec: https://gist.github.com/mkraft/b3469299204c1d766eebe08c28f3ce27

At a high level, this proposal encompasses the conversion of Mattermost from a Role-Based Access Control (RBAC) authorization model to an Attribute-Based Access Control (ABAC) model. The switch to ABAC allows for a simpler framework of the existing authorization privileges. It expands the types of subjects that can be authorized to include plugins, CLIs, and any other non-person-entities or people without user profiles in Mattermost. It increases the flexibility of authorization rules to support more complex privileges and paves the way for future features like regulated users and ethical boundaries.

QA Test Steps

None

Mana

None

Assignee

Unassigned

QA Assignee

None

Reporter

Scott Bishel

Fix versions

Mattermost Team

Enterprise

Sprint

None

Labels

None

QA Testing Areas

None

GitHub Issue

None

Components

None

Epic Name

RBAC to ABAC
Configure