A substantial application codebase comprising thousands of API endpoints required uplifting, which meant working with ownership teams across the entire organization. Millions of existing customers expecting 24/7 uptime meant delicate project phasing was needed to succeed. An inventory of the existing authorization checks accrued over decades of product development had to be established and migrated to new resources and policies. The new policies would be integrated alongside existing ACL checks, then validated to confirm that they accurately met all existing authorization security requirements. The client could only migrate users to the new system after they were fully satisfied that the new authorization system would not disrupt any existing functionality.
SitePen was brought into the project to lead the resource policy migration effort within the system backend and to help enhance the frontend application to support fine-grained feature toggling based on the new resource model.
The backend policy migration process involved several major phases:
Analyzing the ACL checks that the product’s existing service endpoints were performing.
Defining new resources and policies to match the existing checks.
Integrating the new authorization primitives throughout the application, in parallel with the existing ACL system, to avoid disrupting users.
Validating that the new authorization decisions accurately met the existing security requirements.
Switching over to use the new resources and policies for authorization enforcement.
This process was iterated across the application codebase to cover all existing authorization requirements. The team continuously deployed new authorization features as they were migrated, with SitePen liaising with all owners responsible for each area to approve, release, and deploy the new checks.
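The parallel-run and validation phases can be sketched as follows. This is an added example, not the client's or SitePen's code: the legacy ACL keeps enforcing while the new policy is evaluated in shadow, and an endpoint switches over only once no disagreement has been recorded. All names (`ShadowAuthorizer`, the flags, roles and endpoints) are hypothetical and the data is constructed.

```python
from dataclasses import dataclass, field

# Constructed sample data: legacy ACL flags per user, new roles and policies.
LEGACY_ACL = {"alice": {"invoice_admin"}, "bob": {"invoice_view"}, "carol": set()}
USER_ROLES = {"alice": {"accountant"}, "bob": {"reviewer"}, "carol": {"reviewer"}}
POLICIES = {  # role -> allowed (resource, action) pairs
    "accountant": {("invoice", "read"), ("invoice", "update")},
    "reviewer": {("invoice", "read")},
}

def legacy_check(user, resource, action):
    """Existing ACL logic: admin flag grants everything, view flag grants read."""
    flags = LEGACY_ACL.get(user, set())
    if f"{resource}_admin" in flags:
        return True
    return action == "read" and f"{resource}_view" in flags

def policy_check(user, resource, action):
    """New model: allow if any of the user's roles grants (resource, action)."""
    return any((resource, action) in POLICIES.get(role, set())
               for role in USER_ROLES.get(user, set()))

@dataclass
class ShadowAuthorizer:
    enforce_new: set = field(default_factory=set)   # endpoints already switched
    mismatches: list = field(default_factory=list)  # disagreements to triage

    def authorize(self, endpoint, user, resource, action):
        old = legacy_check(user, resource, action)
        try:
            new = policy_check(user, resource, action)
        except Exception:
            new = False  # a failing policy evaluation counts as a deny
        if old != new:
            # "widen" = new policy grants access the ACL refused (security risk);
            # "deny"  = new policy refuses access users have today (outage risk).
            kind = "new_would_widen" if new else "new_would_deny"
            self.mismatches.append((endpoint, user, resource, action, kind))
        return new if endpoint in self.enforce_new else old

    def switch_over(self, endpoint):
        """Enforce the new policy only if no mismatch was seen for the endpoint."""
        if any(m[0] == endpoint for m in self.mismatches):
            return False
        self.enforce_new.add(endpoint)
        return True
```

Both mismatch directions matter: a policy that would widen access is a security regression, while one that would deny it breaks an existing workflow.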
Frontend work included implementing new feature requirements that specified how configurable resource actions translated into new or modified user workflows, for example, to allow for read-only reviewer users or workflow approvers who had access to only a subset of an organization’s data. Given the broad scope of the project, this process included feature analysis to understand the existing functionality and how it could be extended to support new requirements across the entire suite of application capabilities and workflows. Once a consistent and achievable implementation had been agreed upon, SitePen helped the client to implement the new user interface functionality.
SitePen successfully migrated thousands of the most-used authorization checks within the product and helped implement many of the new frontend requirements, enabling the client to meet their project goals.
Decoupling authorization decision-making from the main accounting product allows authorization policies to be developed and deployed independently, reducing turnaround time when adding or modifying resources. The client can now resolve critical user or product security issues separately from the heavyweight deployment pipeline of the whole application codebase, minimizing security risks through immediate resolution. Separating resources and their policies from the product implementation also allows the creation of fine-grained roles that give users greater flexibility in how they structure their workflows across the product.