oc-doc/docs/access_control.md
2024-11-25 15:45:05 +01:00

General architecture

Each OpenCloud instance will provide an OpenID interface. This interface may be connected to an existing LDAP server or a dedicated one.

User rights definition

Each OpenCloud instance will manage its users and their permissions:

  • a user has permission to start a distributed workflow using remote peers
  • a user has administrative rights and may change the service exchange rates
  • a user is limited to view financial information on the instance
  • a user belongs to a group (that may represent a project, a department, ...)

Authentication process

Each OpenCloud peer will accept a company as a whole. Upon user connection, it will receive the user's rights from the originating OpenID Connect server and apply them, e.g. specific pricing for a group (company agreement, project agreement, ...).
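
One way a peer could apply the rights it receives, as an added example that is not OpenCloud's own code. It assumes the ID token's signature, audience and expiry were already verified by an OIDC library; the claim names (`oc_rights`, `groups`), the right names, issuers and rates are all hypothetical.

```python
from dataclasses import dataclass

# Rights from the "User rights definition" list; the string names are assumptions.
KNOWN_RIGHTS = {"workflow:start_remote", "admin:exchange_rates", "finance:view"}

# Constructed peer-side configuration: accepted companies (keyed by OIDC issuer)
# and the pricing agreed with each. All values are hypothetical.
ACCEPTED_ISSUERS = {
    "https://id.company-a.example": {"default": 1.00, "groups": {"project-x": 0.80}},
    "https://id.company-b.example": {"default": 1.10, "groups": {}},
}


@dataclass(frozen=True)
class Session:
    subject: str
    rights: frozenset
    rate: float


def apply_user_rights(claims: dict) -> Session:
    """Turn already-verified ID token claims into a local session."""
    issuer = claims.get("iss")
    agreement = ACCEPTED_ISSUERS.get(issuer)
    if agreement is None:
        # The peer accepts a company as a whole: unknown issuer, no access.
        raise PermissionError(f"issuer not accepted: {issuer!r}")
    if not claims.get("sub"):
        raise PermissionError("token carries no subject")

    # Default deny: keep only rights this peer understands, drop the rest.
    claimed = claims.get("oc_rights", [])  # hypothetical claim name
    rights = frozenset(r for r in claimed if r in KNOWN_RIGHTS)

    # Group pricing is looked up only in this issuer's own agreement, so a
    # group name asserted by one company cannot unlock another company's rate.
    rate = agreement["default"]
    for group in claims.get("groups", []):  # hypothetical claim name
        rate = min(rate, agreement["groups"].get(group, rate))

    # Namespace the subject by issuer: "sub" is only unique per issuer.
    return Session(subject=f"{issuer}|{claims['sub']}", rights=rights, rate=rate)
```
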