Allow different tenants than the owner to manage records in a domain (zone)

Registered by Bharath

Tenant A owns a domain "dev.example.com" and it wants users who are part of dev organization to be able to manage their own records within the domain (zone). For example, tenant B creates records within the domain. Tenant B should be able to manage only records owned by tenant B though the domain could be owned by tenant A. Of course, tenant A has full control over all the records within the domain it owns. This will have impact on API access, Database etc

It will be possible to limit user access to records and domain based on permissions and filters. The permissions will be - read only, manage records, and manage zones. Each of these permissions can also have filters to provider even more granular access. The ability to limit which zones, record types, and data a user can read or manage will be possible with the filters. A user will be placed in a role which will define the permissions and filters they have.

Blueprint information

Status:
Not started
Approver:
None
Priority:
Undefined
Drafter:
Bharath
Direction:
Needs approval
Assignee:
None
Definition:
Discussion
Series goal:
None
Implementation:
Unknown
Milestone target:
None

Related branches

Sprints

Whiteboard

(?)

Work Items

This blueprint contains Public information 
Everyone can see this information.