Difference between revisions of "Access control"
From AMTech WikiDocs
(→Roles) |
(→Actors) |
||
| Line 9: | Line 9: | ||
== Actors == | == Actors == | ||
| + | Actors are resources that defined access to specific entity types and notification types | ||
| + | * They specify the HTTP operations allowed the the type | ||
| + | * They are associated to users with the role follower via the subscription to a service or the invitation of new users | ||
| + | * Actors can include a restriction to apply the access control using the target resource user (meaning that the access control will be applied verifying access to type, tenant and user) | ||
| + | |||
== Tenants == | == Tenants == | ||
== Users == | == Users == | ||
Revision as of 09:19, 3 March 2016
Roles
Roles are resources that define the access control policies for the core resources.
- They specify the HTTP operations allowed on a given resource type.
- They are associated to users
- They are system managed.
- There are 2 main roles : activityCreator and follower
- Users with the roles activityCreator will have access to entity types and observation types
- Users with the roles follower will have the access their actors define (link to actors here)
Actors
Actors are resources that defined access to specific entity types and notification types
- They specify the HTTP operations allowed the the type
- They are associated to users with the role follower via the subscription to a service or the invitation of new users
- Actors can include a restriction to apply the access control using the target resource user (meaning that the access control will be applied verifying access to type, tenant and user)
