Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Section
bordertrue


Column

Table of Contents

Table of Contents
exclude(Table of Contents|Read on|Assigning Roles to Users|Configuration of Microservices using Profiles|Managing PermissionsAUTHENTICATION Service|Authentication against the Core API|Configuring Services using Profiles)



Introduction

The Core API protects documents against access by unauthorized persons through a permission system. Each user has one or more roles in this system, giving them access to various documents for specified actions. The user-role-mapping manages the assignment of roles to users. In yuuvis® Momentum, this mapping is managed separately from the authentication process itself and can be configured according to the customers' needs. Furthermore, in the configuration of yuuvis® AUTHENTICATION service, access conditions can be defined individually for each API endpoint.

...

The actions of a permission specify access rights for specific purposes, whereby a distinction is currently made between read access, delete access and write access. The actions can be combined by simply adding multiple actions to the permission.

readpermission to receive objects in search results and to call various GET endpoints to a special object
deletepermission to delete objects content or metadata
writepermission to update objects or to move the content of objects

Conditions

Conditions are statements in the proprietary CMIS-based query language that define the subset of documents in the system affected by a permission. If the condition for a document is met (meaning evaluating the query language expression returns 'true'), the owner of the role gets to access that document. For example, conditions can limit access to a permission to a specific type of object or hide documents that are older than a specific date from a user. The conditions are appended to all requests from the role owner and thereby act as filters for the corresponding search results. 

...