Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Table of Contents

This document details some of the considerations of concern to a DuraCloud administrator.

...

Access Control Lists (ACLs)

Prior to DuraCloud v1.3.1, control over access to spaces was limited to setting the space-level permission to either OPEN or CLOSED. An OPEN space permitted anonymous reads of content within that space, whereas a CLOSED space disallowed any reads or writes of content within that space by unauthenticated users. As of DuraCloud v1.3.1, the space-level access control mechanisms have been richened.Access control in DuraCloud is set at the space level. Users and groups can be provided read and write access to a space. 

  1. Users and Groups
    1. Access is granted to users, groups, or combinations thereof
    2. Users are those with credentials to access an account
    3. Groups are collections of users that are created in the Management Console
  2. Rights
    1. When assigning a space ACL, users and/or groups groupsv are granted one of two rights
      1. READ allows reading any content within that space
      2. WRITE allows reading, adding, and modifying any content within that space
  3. Public (anonymous) Access
    1. There is a special group named 'public' that can only be granted READ access to a space
    2. If the 'public' group has READ access, then unauthenticated (anonymous) reads of content are permitted on that space
  4. Use
    1. REST API can be used to programmatically create, update, and delete space ACLs
    2. DurAdmin provides authorized users to update space ACLs in the web interface