
User-based File Access Control: a proposal #13

@ajantis


User-based File Access Control

We'd like to have a way to restrict access to file resources per user or group.

This issue is a place for all related discussions about a solution and its architecture.

Users and Groups in C3

A user in C3 Web can have multiple groups assigned.
Each file resource has an owner (a User) and a group owner (a Group).

Each request for a C3 file resource can carry information about the user trying to access it.
If this information is omitted, it is not taken into account when the C3 Access Manager component decides whether to allow access or not.

If information about the user trying to access the resource is provided, two things are considered:

  • The user identity itself (User ID)
  • The list of the user's groups (Group IDs)

The checks are then applied in order:

  1. If the user is the owner of the file resource, the 'resource owner access' is verified (Read & Write).
  2. If the file resource is owned by one of the user's groups, the 'group owner access' is verified (Read or Write).
  3. If neither of the first two is true, the access for 'others' is checked for this resource: whether other users have any (Read or Write) access to the resource or not.

The main idea behind user-based access control is providing user authorisation for file resources. Authentication is not part of the scope.

Implementation

The implementation can be split into a few parts:

  1. Extending file system metadata: add a notion of ‘Owner’ and ‘Owner group’ (Should it be optional?).
  2. Add support for ‘user’ and ‘user's groups’ info in REST API requests.
  3. Search should respect user-based access control rules where they are applicable and filter out results accordingly.
    It’s assumed that filtering out should be done solely on the server side because of performance and, more importantly, security concerns.

Important Notes

  1. C3 is NOT responsible for maintaining a users repository.
  2. C3 is NOT responsible for user authentication (only for authorising access to C3 resources). See the difference: http://www.cyberciti.biz/faq/authentication-vs-authorization/

Search

When a search query is submitted, the scope of the search should depend on the access-control rules of the resources for the given user (if one is given).
I.e. if a user doesn't have any access to some file resource, then this resource should not be returned in the search results.
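As an added illustration of the three ordered checks above (owner, group owner, others) and of the server-side search filtering this section asks for, here is a small Python model; it is example code written for this discussion, not part of C3. It assumes Unix-like Read/Write permission bits per resource for owner, owner group and others, and it treats a request carrying no user information as an anonymous 'others' requester; both are assumptions, not something the proposal fixes.

```python
from dataclasses import dataclass
from enum import Flag, auto
from typing import Iterable, Optional


class Perm(Flag):
    NONE = 0
    READ = auto()
    WRITE = auto()


@dataclass(frozen=True)
class FileResource:
    path: str
    owner: str          # User ID of the owner
    owner_group: str    # Group ID of the owner group
    # Assumed permission layout: the proposal only says the owner gets
    # Read & Write and that group/others have Read or Write.
    owner_perm: Perm = Perm.READ | Perm.WRITE
    group_perm: Perm = Perm.NONE
    others_perm: Perm = Perm.NONE


@dataclass(frozen=True)
class Requester:
    user_id: str
    group_ids: frozenset = frozenset()


def allowed(res: FileResource, who: Optional[Requester], wanted: Perm) -> bool:
    """Apply the three ordered checks from the proposal and return the verdict.

    The owner check comes first, so an owner is never downgraded to the
    (possibly weaker) group or 'others' permissions even if he is also a
    member of the owner group.  A request without user information
    (who is None) is evaluated as 'others' (assumption, see lead-in).
    """
    if who is None:
        granted = res.others_perm
    elif who.user_id == res.owner:              # 1. resource owner
        granted = res.owner_perm
    elif res.owner_group in who.group_ids:      # 2. group owner
        granted = res.group_perm
    else:                                       # 3. others
        granted = res.others_perm
    return wanted in granted


def filter_search_results(hits: Iterable[FileResource],
                          who: Optional[Requester]) -> list:
    """Server-side filtering: keep only hits the requester may at least read."""
    return [r for r in hits if allowed(r, who, Perm.READ)]
```

Running `filter_search_results` over the raw hit list before the response is built keeps unreadable resources from ever leaving the server, which is the point of doing the filtering server-side rather than in a client.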
