Giscuit
Prev Next

Access control list

Introduction

Access control list (ACL) provides a lightweight and flexible implementation for privileges management. In general, an application may utilize such ACL's to control access to certain protected objects by other requesting objects.

For the purposes of this documentation:

  • a resource is an object to which access is controlled.
  • a role is an object that may request access to a Resource.

Put simply, roles request access to resources. For example, if a parking attendant requests access to a car, then the parking attendant is the requesting role, and the car is the resource, since access to the car may not be granted to everyone.

Roles can inherit other roles. For example if a manager extends parking atendant and the accountant he can access everything that the accounant and parking atendent can.

To see an example of managing roles and rules check Access control list.

Rules

Adding

To add a new rule click the Add button at the bottom of the rules data table, this will add a new row to the begining of the data table. Double click on a cell to modify it's contents.


Editing

To edit a rule you need to double click on the cell of the data table.

Rules data table fields description:

Role. Name of the role that requests access to a resource

Resource. Name of the resource

Privelege. Name of the privelege

Group. Name of the group. Identifies where in the system this rules will be used.


Deleting

To delete a rule click on it's id field, this will enable the delete button, click on it to delete the rule.


Roles

Adding

To add a new role click the Add button at the bottom of the roles data table, enter your role name and click Add button, this will add a new role to the end of the data table.


Editing

You can edit the roles that will be inherited by double clicking on the Extends cell of the data table.

Roles data table fields description:

Key. Name of the role

Extends. Roles that will be inherited


Deleting

To delete a role click on it's key field, this will enable the delete button, click on it to delete the role.


Default roles

There are a few default roles added upon installation:

  • admin_users. Users that extend this role have access to Users administration section and can manage users.
  • admin_news. Users that extend this role have access to News administration section and can manage news.
  • admin_data. Users that extend this role can create their own tables and layers.
  • admin_data_share. Users that extend this role can share their layers with other users.


Prev Up Next
Database Administrator Preferences

COPYRIGHT ® 2012, VEC