GET user permissions per project and environment

[tiagoapolo]

Is your feature request related to a problem?

Users can now have permissions directly, through groups, through roles, or through roles attached to groups. Most of times it's difficult and time consuming to debug which permissions a user has. Also, there's no dedicated endpoint that returns all users permissions on a project and environment level.

Describe the solution you'd like.

We need an endpoint for providing a users permissions and where the permission is coming from, derived from group, roles, roles attached to groups and direct permissions. Also, display permissions per project and environment level (e.g. User A is in Group B ( Permissions come from Role C, which are "View Project", ...)

Describe alternatives you've considered

/api/v1/environments/{environment_api_key}/user-permissions/{id}/all
/api/v1/projects/{project_id}/user-permissions/{id}/all
/api/v1/organisations/{org_id}/user-permissions/{id}/all

{
    "admin: boolean,
    "permissions":  
    [
       {
          "permission_key": string,
          "tags": number[],
          "is_directly_granted": boolean, // if true means that is also a user granted permission
          "derived_from": {
              "groups": Group[] // or for simplicity sake just {id: number; name: string }
              "roles": Role[] // or for simplicity sake just {id: number; name: string }
          }
      },
      ...
   ]
}

Additional context

No response

[gagantrivedi]

I have created the following api:

The only difference in the response structure is that tags is part of the role instead of permissions, because a user can have the same permission through different roles with different tags.

[tiagoapolo]

That works for me 😊

[gagantrivedi]

Implemented here: #5408