The permission system

Labstory has a flexible system for controlling access to documents. It may be customized for local installations, but most likely it will be similar to what is presented here.

The permissions are based on a Role-Based Access Model (RBAC). It is based on the following principles:

  • A role can have permissions that are system-wide (e.g. administrator privileges)
  • A role can have permissions for one particular document (e.g. read access)
  • A role can inherit the privileges of another role (the latter role is often used as a group)
  • TODO: A role may have ownership of another role (e.g. owner of a group)

All roles implicitly inherit the permissions of the role u:guest. Thus anyone who is able to log in, by any means, will never have fewer privileges than the guest.

Obtaining a role on login

When you log in, the server assigns you roles depending on how you authenticated and on the server configuration. You may, for instance, log in using your private cryptographic key, which commonly will assign you the role a:YourAuthorID. If you log in with a username and password, you may obtain u:UserName. However, additional roles may be assigned depending on local fine-tuning.

Permissions for roles

There are only a few permissions available for roles:

a  Administrator (can do anything)
c  Can create new documents

Unless you are an administrator, chances are that they will already be set up for you and you will never have to think about them.

Permissions on documents

Permissions on a document apply to one particular role. The following ones are available by default:

v   Document is visible
r   Can read the document
e   Can edit the document (limited)
E   Can edit the document (full access)
d   Can delete document
s   Can share permissions with others

When a document is first created, a set of standard permissions is applied to it. It is expected that the roles of the user who created it will at least get “vres”-access. This can be set by the administrator. After creating the document, the user may wish to add further permissions so that his/her group can read or edit it.

Limited edit access makes it illegal to modify signed parts of the document or to delete signatures. Thus, once a part of the document has been signed, its editing is locked for all time. New signatures may, however, be added at any point in time, though with less value than if the document had been signed right away.
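
The following sketch shows how the rules above combine: role inheritance, the implicit u:guest role, per-document permission letters, and the difference between "e" and "E". It is an added example, not Labstory's own code. The data layout, the function names, the "g:" group prefix, the sample roles and documents, and the reading that inherited permissions are unioned and that "E" lifts the signed-part restriction are all assumptions.

```python
# Added illustration; data layout and names are assumptions, not Labstory code.
GUEST = "u:guest"

# role -> roles it directly inherits from (constructed sample data;
# the "g:" prefix for a group role is hypothetical)
INHERITS = {
    "a:1234": {"u:alice"},
    "u:alice": {"g:lab"},
    "g:lab": set(),
}

# document -> {role: permission letters} (constructed sample data)
DOC_ACL = {
    "doc1": {"u:alice": "vres", "g:lab": "vr", "u:guest": "v"},
    "doc2": {"u:bob": "vreEds"},
}

def expand_roles(login_roles, inherits=INHERITS):
    """Login roles plus everything they inherit, transitively.
    u:guest is always included; inheritance cycles are tolerated."""
    seen = set()
    stack = list(login_roles) + [GUEST]
    while stack:
        role = stack.pop()
        if role in seen:
            continue
        seen.add(role)
        stack.extend(inherits.get(role, ()))
    return seen

def doc_permissions(login_roles, doc, acl=DOC_ACL, inherits=INHERITS):
    """Union of the letters granted on doc to any effective role.
    An unknown document or role grants nothing (default deny)."""
    entries = acl.get(doc, {})
    granted = set()
    for role in expand_roles(login_roles, inherits):
        granted |= set(entries.get(role, ""))
    return granted

def may_edit(login_roles, doc, touches_signed_part,
             acl=DOC_ACL, inherits=INHERITS):
    """'E' permits any edit (assumed); 'e' only edits outside signed parts."""
    perms = doc_permissions(login_roles, doc, acl, inherits)
    if "E" in perms:
        return True
    return "e" in perms and not touches_signed_part
```

Because every login ends up with u:guest, any permission granted to u:guest on a document is effectively granted to everyone who can authenticate, which is worth checking when reviewing the default permissions an installation applies.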