Ilmatar Module Ua 1.0.91
- Support project with your solutions
- Let open source grow
- Showcase your code
- Protect your intelectual property
- Influence project direction
- Support project evolution
- Ensure continuous development
Maslosoft Ilmatar Module Ua
Ilmatar user management module
Users and group management
This is module for managing users and users groups. This include creating and editing user accounts, registering, authenticating, managing access control and groups of users.
Group Role Based Access Control
Group role based access control is extension of Role-Based access control. Instead of applying roles to individual users, roles are applied to groups. Then users are added to groups to attach proper permissions. This has several advantages over attaching roles directly to users.
Reusable presets of permissions
Each group can define access to user actions and other scenarios. User can be attached to one or more groups. This results in merged permissions. Permissions are merged in secure way, so that in case of conflicting role access levels, permission is simply denied. This merge is done by incorporating different access levels. For each entity there are three possible values:
- Not set
Allow means that user have access to resource, unless he is member of group which has explicitly denied access.
When not set, it will denied access, unless some other group allows it. If in any group resource is set to deny, it will not allow access even if other group allowed it. While it might sound complicated, access resolving could be show in simple equation: