Changes between Version 1 and Version 2 of UserGuidelines/Admin/Permissions


Ignore:
Timestamp:
06/23/12 16:12:33 (13 years ago)
Author:
Fran Boon
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • UserGuidelines/Admin/Permissions

    v1 v2  
    1 == Access Control & Permissions ==
     1= Access Control & Permissions =
    22
    3 The default system has most data available to Read by anonymous users & Edit/Delete by registered users.
     3There are a number of different security policies available to allow either a simple system or else provide advanced functionality:
     4 * [wiki:S3AAA S3AAA] - Sahana's Access Control system
     5
     6The default security policy has most data available to Read by anonymous users & Edit/Delete by registered users.
    47
    58Registered Users are added to Roles.
     9 * The 1st registered user gets the 'Administrator' role (id 1) by default
    610 * All registered users get the 'Authenticated' role (id 2) by default
    7  * The 1st registered user gets the 'Administrator' role (id 1) by default
    811
    9 === Control access to a Module ===
    10 Add an {{{access = "|x|",}}} line to the relevant module section in {{{models/000_config.py}}}.
    11  - where 'x' is the ID of the role that should be allowed access to the module
     12== Control access to a Module ==
     13If all you need to do is to limit access to the controllers within 1 module, then this can be done whilst staying in the simple security policy.
    1214
    13 This both hides the menu item & blocks access to the whole /module/ hierarchy.
     15You can configure options in the modules configuration in {{{private/templates/<template>/config.py}}} or {{{models/000_config.py}}}:
     16* Add an {{{access = "|x|",}}} line to the relevant module section.
     17 * 'x' is the ID of the role that should be allowed access to the module
     18* This both hides the menu item & blocks access to the whole /module/ hierarchy.
    1419
    15 === Control access to a Function ===
    16  * BluePrintAuthorization#Functionrestriction
     20== Control access to Functions & Tables ==
     21You need to go up to security level 4, or above, in your {{{private/templates/<template>/config.py}}} or {{{models/000_config.py}}}:
     22{{{
     23settings.security.policy = 3 # Apply Controller ACLs
     24}}}
     25or:
     26{{{
     27settings.security.policy = 4 # Apply both Controller and Function ACLs
     28}}}
    1729
    18 === Control access to a Resource ===
    19  * BluePrintAuthorization#Resourcerestriction
     30You then need to populate specific access permissions in the {{{s3_permission}}} table in the database.
     31* If there are no permissions defined for any user for a resource, then access is unrestricted.
     32* If a permission is defined for any user then all other users have no access at all unless explicitly granted (Users with the Administrator role are exempt - they always have access).
    2033
    21 === Control access to a Record ===
    22  * BluePrintAuthorization#Recordrestriction
     34In order for these checks to be done, then you need to set that module as {{{restricted=True}}} in your {{{private/templates/<template>/config.py}}} or {{{models/000_config.py}}}:
     35* [wiki:S3AAA#ControllerRestriction]
     36
     37== Control access to Tables ==
     38If you want to control access to the data in a table, no matter by which controller it is accessed, then you need to go up to security level 5, or above, in your {{{private/templates/<template>/config.py}}} or {{{models/000_config.py}}}:
     39{{{
     40settings.security.policy = 5 # Apply Controller, Function and Table ACLs
     41}}}
     42
     43Note: Controllers which don't use the S3 framework can bypass this security, so you should not develop such custom controllers where you need to keep the data secure.
     44
     45== Control access to Records ==
     46Records can be owned by individuals or Organisations (including Branches, Teams & Facilities).
     47
     48This allows control of access by Realm - so staff of 1 Organisation can see their records of a certain type yet not those for another Organisation in the same database.
     49
     50You need to go up to security level 6, or above, in your {{{private/templates/<template>/config.py}}} or {{{models/000_config.py}}}:
     51{{{
     52settings.security.policy = 6: Apply Controller, Function, Table ACLs and Entity Realm
     53}}}
     54
     55This functionality can be extended to support Hierarchy so that data restrcited to a single organisation can be amde avaialble to all branches of that Organisation (however data owned by the Branch is by default only visible to members of the Branch):
     56{{{
     57settings.security.policy = 7: Apply Controller, Function, Table ACLs and Entity Realm + Hierarchy
     58}}}
     59
     60This functionality can be extended yet further by allowing organisations to share their private data with selected individuals, teams, facilities and organisations that they wish to (this is done by delegating the access role to that other entity, as they can now decide which of their people get the access):
     61{{{
     62settings.security.policy = 8: Apply Controller, Function, Table ACLs, Entity Realm + Hierarchy and Delegations
     63}}}
     64
     65
     66Record Approval is currently being developed to limit access until approved, in addition to all the other options.
    2367
    2468----