GSoC-2026 Community Bonding Report: User Management and RBAC for istSOS Web Administration

1. Project & Contributor Information

● Project Name: User Management and RBAC for istSOS Web Administration
● Organization: OSGeo
● Mentors: Massimiliano Cannata, Daniele Strigaro, Claudio Primerano
● Contributor: Kinshuk Sanand

2. Primary Objectives

• Establish a reliable communication rhythm and feedback loop with mentors.

• Set up and verify the local development environment.

• Gain a deeper understanding of the system architecture.

3. Key Accomplishments

Work Done in Community Bonding period:

• I have setup my OSGeo Profile

• Added my project and repository details to the OSGeo Accepted Students 2026 Page

• Reviewed the OSGeo contributor instructions and the GSoC student guide

Community Interaction:

• Met with my mentors and discussed the expectations for this project.

• Had brief chats with other GSoC contributors to compare our progress.

Codebase Familiarity & Setup:

• Successfully built the project locally and configured the testing suite.

• Conducted a deep dive into the specific modules relevant to the project (e.g: geospatial mapping tools, role-based access control flows).

4. Next Steps (Entering Phase 1)

• Begin implementation of core RBAC backend improvements by adding automatic policy creation in POST /Users to remove the existing two-step workflow and initiating SQL-safe role switching improvements in functions.py to address injection risks early

• Finalize and document the external authentication design(link) boundaries, including its relation to OIDC and Grafana integration.

• Deliverable: Initial backend PR with user-creation improvements and role-switch hardening, along with a clear technical direction for the remaining work.