Table of Contents |
---|
This document details some of the considerations of concern to a DuraCloud administrator.
...
Access Control Lists (ACLs)
Prior to DuraCloud v1.3.1, control over access to spaces was limited to setting the space-level permission to either OPEN or CLOSED. An OPEN space permitted anonymous reads of content within that space, whereas a CLOSED space disallowed any reads or writes of content within that space by unauthenticated users. As of DuraCloud v1.3.1, the space-level access control mechanisms have been richened.Access control in DuraCloud is set at the space level. Users and groups can be provided read and write access to a space.
- Users and Groups
- Access is granted to users, groups, or combinations thereof
- Users are those with credentials to access an account
- Groups are collections of users that are created in the Management Console
- Rights
- When assigning a space ACL, users and/or groups groupsv are granted one of two rights
- READ allows reading any content within that space
- WRITE allows reading, adding, and modifying any content within that space
- When assigning a space ACL, users and/or groups groupsv are granted one of two rights
- Public (anonymous) Access
- There is a special group named 'public' that can only be granted READ access to a space
- If the 'public' group has READ access, then unauthenticated (anonymous) reads of content are permitted on that space
- Use
- REST API can be used to programmatically create, update, and delete space ACLs
- DurAdmin provides authorized users to update space ACLs in the web interface
- REST API can be used to programmatically create, update, and delete space ACLs