As stated in Jira 1245, customers, especially those with administrative functions, have been requesting privileges to control all content, organisations and teams. For security reasons, there is no support for this use case in the current Quay UX/UI experience. As a result an explicit takeover has to occur, complicating the user experience as a whole.
For the 3.8 release cycle, the priority is focusing on creating superuser functionality and a UI that supports the superuser experience. The main objective of this epic is to scope out the work for engineering to break down and prioritize the large task of making the superuser completely self-autonomous across platform configuration functions.
The long term goal is to repurpose the new superuser UI for regular users, albeit without superuser privileges.
Why is this important:
Currently there is no way to do this in the Quay UI and therefore this can quickly become a burden on users, potentially discouraging users from continuing to use the platform in the future.
All the actions of the superuser are enabled and accessible to the administrator use case, including but not limited to the following actions. These tasks will be broken down into user stories:
- Logging in and out of the platform
- See all organization
- See all repositories in all organizations
- See all tags in a repository
- See security vulnerability and package manifest reports per tag
- Delete arbitrary tags
- Delete arbitrary repositories
- Delete arbitrary organizations
- Bulk-delete on tags / repos / organizations (i.e. select & delete multiple items at once)
- Create organizations
- Create repositories