Permissions model for Linz
This document describes the proposed permissions model for Linz.
Background
At present, the goal for Linz is not to be a fully fledged CMS, but rather a fully fledged web content administration system.
Linz currently doesn't:
- get involved in publishing
- view caching, or know absolutely anything about the 'public view' of your website
Content administration permissions
Despite the above, a permissions model is required to enable configuration in which certain groups of users, can perform certain actions, and others can't.
The following needs to be taken into consideration:
- Linz doesn't have a specific User type
- this can be configured be defining the mongoose model name, the username key, the password key
- you can override the default password check functionality
- There are no groups, or permissions or ACL of any kind
As you can see, it's quite simple at this stage and will hopefully remain so.
Flexible permissions
With the above considerations, the permissions system needs to be very flexible, and highly configurable as is the user system.
The following design goals should allow such a system:
- Linz knows what action is taking place, and by whom
- What and who can be provided to an external function to determine if an action should be allowed
- Linz doesn't need to know anything about the implementation of a particular permission
- by default, Linz will allow all actions, so restrictions will need to be added as required
- Linz will hand off to external functions to determine allowed actions (with no-op ones by default)
- Linz should use a very simple asynchronous API for integration
Examples
The following list a few examples:
- view a model (to display in the navigation, and view the models index)
- edit a model
- delete a model
- create a model
- customAction on a model
Flexible API
The following simple, yet flexible method signature will allow for easy integration and flexibility in implementing the permissions system:
actionFn (userId, action, model, callback)
Parameters
userid
: String
The id of the user requesting the action.
action
: String
The action the user wants to make.
model
: String
, or Object
, or undefined
The model in context of the action. This may be undefined for global, non-model specific actions however.
callback
: Function
A function to call with the result with following signature callback(error, success)
Default implementation
As mentioned the default implementation will allow everything, and should look something like:
function actionFn (user, action, model, callback) {
callback(null, true);
}
Future considerations
At this point, there are no custom navigation capabilities within Linz, but this will come. At that time, we'll have to provide for wrapping permissions around those too.