Difference between revisions of "Access control"

From AMTech WikiDocs
Jump to: navigation, search
(Actors)
Line 1: Line 1:
 +
Access control is applied based on the info of the resource being accessed. Access control verification is always performed by validating access to the resource type (based on roles/actors) , access to the resource tenant and guest tenants (based on the user's tenant), and access to the resources owner (based on the user accessing the resource)
 
== Roles ==
 
== Roles ==
 
Roles are resources that define the access control policies for the core resources.
 
Roles are resources that define the access control policies for the core resources.

Revision as of 10:21, 3 March 2016

Access control is applied based on the info of the resource being accessed. Access control verification is always performed by validating access to the resource type (based on roles/actors) , access to the resource tenant and guest tenants (based on the user's tenant), and access to the resources owner (based on the user accessing the resource)

Roles

Roles are resources that define the access control policies for the core resources.

  • They specify the HTTP operations allowed on a given resource type.
  • They are associated to users
  • They are system managed.
  • There are 2 main roles : activityCreator and follower
  • Users with the roles activityCreator will have access to entity types and observation types
  • Users with the roles follower will have the access their actors define (link to actors here)

Actors

Actors are resources that defined access to specific entity types and notification types

  • They specify the HTTP operations allowed the the type
  • They are associated to users with the role follower via the subscription to a service or the invitation of new users
  • Actors can include a restriction to apply the access control using the target resource user (meaning that the access control will be applied verifying access to type, tenant and user)

Tenants

Users