Skip to content

Permissions

Jump to bottom
Armin Burgmeier edited this page Aug 8, 2014 · 2 revisions

Access Control Lists

Gobby has a system for setting Access Control Lists (ACLs). In order to be used, the server needs to be set up such that it can associate user accounts to client connections. At the moment, the only way to do this is to use client-side certificates with the certificate-auth infinoted plugin. In future versions, also username/password based logins and external user authentication might be implemented.

User Authorization

For each entry in the infinote directory tree, permissions for each known user can be set, plus permissions for the so-called default account, which is in effect for unauthenticated clients. For each node, the permission for a user can be set to "yes", "no" or "default". The "default" option is not allowed for the root node of the tree for the default account.

When it is being checked whether a certain operation is allowed for a certain user on a given node, then first the permission of that particular node is checked. If it is set to "yes", the operation is allowed. If it is set to "no", the operation is not allowed. If it is set to "default", the result is inherited from the setting of the default account. If the permission is also set to "default" for the default account, the permission is looked up from the parent directory. Eventually, the last node that can be checked is the root node for the default account, where the permission must be set to either "yes" or "no".

Available Permissions

There are three different types of permissions:

  • Permissions that apply to leaf nodes, i.e. documents in the document tree.
  • Permissions that apply to directory nodes. This includes all permissions that apply to leaf nodes, even if they don't have an immediate effect on the directory itself, so that they can be inherited by the documents within the directory. There are additional permissions for directories which are not available for leaf nodes.
  • Permissions that apply to the root node. The root node is a special directory node, so the available permissions include those for all directory nodes. In addition, all server-wide permissions are set on the root node of the directory tree.

In Gobby, the permissions can be seen and changed when selecting the Permissions option when right-clicking on a node in the document tree, if corresponding permissions are granted to the user. Care should be taken when changing permissions, since one can accidentally revoke one's own permission to change permissions.

In the following, the available permissions are described in detail.

Document Permissions

  • can-subscribe-session: If set, the user is allowed to subscribe to the session and see its content, such as the document text, and follow all changes that the participants are making.
  • can-join-user: If set, the user is allowed to join a subscribed session, which allows the user to make changes to the document. If this is not set but can-subscribe-session is, then the user basically has read-only access to the document.
  • can-query-acl: The user is allowed to see the full ACL of the node, if the server-wide permission can-query-account-list is also set. Otherwise, only the permissions for the default account and for the user herself are available.
  • can-set-acl: The user is allowed to change the ACL of the node, if both the server-wide permission can-query-account-list and the can-query-acl permission are set as well. Any permission for any user can be altered.

Directory Permissions

  • can-add-document: If set, new documents are allowed to be added within the directory.
  • can-add-subdirectory: If set, new subdirectories are allowed to be added within the directory.
  • can-sync-in: If set, the user is allowed to create documents that do not start empty. If only can-add-document is set but not can-sync-in, then only empty documents can be created.
  • can-explore-node: If set, the user is allowed to list the contents of the directory.
  • can-remove-node: If set, the user is allowed to remove nodes that are inside the directory, but not necessarily the directory itself. The root node can never be removed.

Server-Wide Permissions

  • can-subscribe-chat: If set, the user is allowed to subscribe to the global server chat, to see what others are writing. If the can-join-user permission is set on the root node as well, then the user can also write herself in the chat.
  • can-query-account-list: If set, the user is allowed to query the list of all available user accounts from the server. This is required when viewing or changing the permissions for a node, for users other than the default account and the user herself.
  • can-create-account: If set, the user is allowed to send a certificate request to the server, and the server will then create a new account and send the client a signed certificate. See also the certificate-auth infinoted plugin. This permission can only be enabled if the server is set up such that certificate creation is possible.
  • can-override-account: If set, and the user makes a certificate request for a user that exists already, a new certificate for that user is created, and the previous one becomes invalid. If this is not set and a user with the name in the certificate request exists already, the request is rejected.
  • can-remove-account: If set, the user is allowed to delete user accounts from the server. Even if this is set, at the moment, there is no user interface in Gobby to perform this operation.

.

Clone this wiki locally