diff options
| -rw-r--r-- | README | 76 | ||||
| -rw-r--r-- | demo.yaml | 105 |
2 files changed, 181 insertions, 0 deletions
@@ -0,0 +1,76 @@ +README for Effi membership register +============================================================================= + +This will become a web-based membership register for the Effi +association. + +The current goal is an MVP version that can be demoed at the fall +general meeting. There will be a running demo site, with some dummy +data. It will support the following use cases: + +* Admin can create new members via the API. +* Admin can list all members via the API. +* Admin can search for members (name, email) via the API. +* Admin can view a member's information via the API. +* Admin can update a member's information via the API. +* Admin can set a member's password via the API. +* A member can access the API, but only sees their own information. +* A member can log in via a web browser and see their own information. + +Authentication will be handled by Qvisqve. Any member can +authenticate. Data will be stored in Muck, including authentication +information. A custom facade application will provide the API. A +custom application will provide a server-side rendered front-end. + +The front-end application uses the facade API to access all data. + +Facade API +----------------------------------------------------------------------------- + +The facade will have an API like this: + +* `GET /search` — search for members +* `GET /memb` — get specific member +* `POST /memb` — add a member +* `PUT /memb` — update a member +* `DELETE /memb` — remove a member + +All operations require an access token from Qvisqve. The Muck header +conventions are used for metadata. + +A member's information looks like: + + { + "fullname": "James Bond", + "email": "007@example.com", + "member-number": "7", + "hometown": "London" + } + +(This is known to be insufficient. It's for demo purposes only, for +now. It will change.) + + +Resource types in Muck +============================================================================= + +* `subject` represents a human being whose information is stored in + the system + * contains nothing that isn't needed for authentication +* `password` stores the subject's password + * references `subject` resource id + * contains a salted, scrypt'd password +* `member` contains all non-authentication information about an Effi + member + * references `subject` resource id + * contains full name, membership number, home town, email address + +Authentication +----------------------------------------------------------------------------- + +For the demo I will create users manually. Later on, Qvisqve will need +to store subjects in Muck. + +For the demo, Muck will be changed to allow a user with the super scope +be able to set the owner of a resource. This is necessary so that admin +can create resources for members, but members can see them. diff --git a/demo.yaml b/demo.yaml new file mode 100644 index 0000000..b3677ba --- /dev/null +++ b/demo.yaml @@ -0,0 +1,105 @@ +demo: + label: | + Demo at fall GM + depends: + - demosite + +demosite: + label: | + There is a demo site + depends: + - qvisqve + - testusers + - admin + - effiapp + +qvisqve: + label: | + Qvisqve is + installed + +testusers: + label: | + Qvisqve has + several test + users and + an admin user + depends: + - qvisqve + - effitool + +effitool: + label: | + A command line + tool for API + access + depends: + - facade + +muck: + label: | + Muck is + installed + depends: + - qvisqve + +facade: + label: | + An Effi API is + installed + depends: + - qvisqve + - muck + +effiapp: + label: | + An Effi app is + installed + depends: + - seeown + +seeown: + label: | + Users can see their + own info via web browser + depends: + - facade + +admin: + label: | + Admin can do + anything + depends: + - adminseeany + - adminseeall + - adminedit + - admincreate + +adminseeany: + label: | + Admin can see + any user's info + depends: + - facade + +adminseeall: + label: | + Admin can list + all users + depends: + - facade + +adminedit: + label: | + Admin can edit + any user's info + depends: + - adminseeany + +admincreate: + label: | + Admin can add + users + depends: + - facade + |