diff options
author | Lars Wirzenius <liw@liw.fi> | 2018-11-24 20:55:56 +0200 |
---|---|---|
committer | Lars Wirzenius <liw@liw.fi> | 2018-11-24 20:55:56 +0200 |
commit | 3ce2c8b2a997ca27d6b60830ac08d87c3087505f (patch) | |
tree | 3f43d8b89d07ddc76756288846ee6fac46ff40e2 /README | |
parent | 006000ade8712a4866646fcc80613b1ae34a0e6a (diff) | |
download | muck-poc-3ce2c8b2a997ca27d6b60830ac08d87c3087505f.tar.gz |
Add: expanded description of access control
Diffstat (limited to 'README')
-rw-r--r-- | README | 8 |
1 files changed, 6 insertions, 2 deletions
@@ -20,8 +20,12 @@ expected signing key is a key Muck configuration item. I use Qvisqve for my OpenID provider, but any provider should work. Access control is currently very simplistic, but will be improved -later. The goal is to allow access to be specified per user, per -resource, and per operation. +later. Currently each resource is assigned an owner upon creation, and +each user (subject) can access (see, update, delete) only their own +resources. The goal is to allow access to be specified per user, per +resource, and per operation (Tomjon can allow Verence to see a +specific resource, but not update or delete). This will require the +OpenID provider to support groups. Muck is currently a single-threaded Python program using the Bottle.py framework and its built-in HTTP server. The production version of Muck |