The Ceptor Identity Management database API has support for a series of ACLs to ensure proper security access when accessign accessing the user database.
What is an ACL
...
As a general rule, if an ACL is not created, all users have access to the functionality it protects, but if it is created, only the users belonging to the groups defined by the ACL has the proper rights to it, all other users does dousers has not have the right.
ACL List
...
ACL Name | Description |
attr.<attribute>.read | Restricts the access to read a certain <attribute> to certain users. For example, if an acl called “attr.firstname.read” exists, only the users with the proper access is allowed to read the attribute “firstname”. |
attr.<attribute>.write | Like attr.<attribute>.read, only users with this ACL are allowed to write (change or delete) the given attribute. Note that if the ACL does not exist for a given attribute, all users has have access to delete or change the attribute. |
attr.<attribute>.create | If this ACL exists for a given attribute, only users who have it are allowed to create this new attribute if it doesn’t already exists exist for a user. |
user.create | Only users with this ACL can create new users |
user.read | Users with this ACL can view other users |
user.write | If a user does not have this attribute, he is not able to make changes to other users at all. |
profile.read | Users with this ACL, have the right to read profiles |
profile.create | This ACL is required in order to create new profiles |
profile.write | ACL needed to make changes to existing profiles, including deletions. |
profile.assignall | Users with this ACL, are able to assign all existing profiles to other users. This particular ACL overrides checks for the profile.<profileID>.assign ACL. |
profile.<profileID>.assign | Users with this ACL, are able to assign the given <profileID> to other users. |
group.read | Required in order to read lists of groups |
group.create | Users must have this ACL to be able to create new groups |
group.write | Users cannot update/delete groups without this |
acl.create | In order to create new ACLs, a user must have this ACL |
acl.write | Required to write or delete an existing ACL |
organisation.read | To read the list of organizations, users must have this ACL |
organisation.create | Required to create new organizations |
organisation.write | Required to write or delete an organization |
revisionlog.read | Restricts access to the revision log, so only users with this ACL are allowed to read the contents of the revisionlog. |
nonreplog.read | Restricts access to the nonrep-log, so only users with this ACL are allowed to read the contents of the log. |
batchcommand.execute | Execution of batch commands require requires this ACL. |
challenge.read | This ACL is required to read challenges |
challenge.write | Required to write/update challenges |
custcmd.execute | Required to execute custom commands |
user.search.ownorg | If a user has this ACL, he is allowed to search within his own organisations. |
user.search.allorgs | Allows a user to search for users not belonging to his own organization. Without this, a user is only allowed to search for other uses belonging to the same organisation as the one performing a search (if he has the user.search.ownorg ACL). Note that user.search.org.<orgid> might still restrict the list of organisations actually allowed to search. Note that this ACL does not give the user the right to search within his own organisations, but it only gives him the right to search within all other organisations. |
user.search.specificorgs | Overrides the other properties, user.search.allorgs and user.search.ownorg by specifying that the user only has access to those organisations that specifically are *granted* by an ACL (user.search.org.<orgid>) – if the ACL for an organisation is not defined, the user will not have access to it. This can be use used to grant a specific user access to only a few specific organisations, defaulting to no access.
Note: If a user has this ACL, the ACLs user.search .allorgs and user.search.ownorg will be ignored for him. |
user.search.org.<orgid> | Even if a user has access to search in all organisations, this ACL can restrict access to a single organisation, which means that if this ACL is present, the user must have it in order to search users in this specific organisation. Note that this ACL can also be used to restrict searches in a users own organisation too. |
organisation.read.ownorg organisation.read.allorgs organisation.read.specificorgs organisation.read.org.<orgid> | Functions like user.search.ownorg, users.search.allorgs, user.search.specificorgs and user.search.org.<orgid> but is used to restrict the list of organisations that can be found by a user, instead of restricting searches on users. |
list.nonreplog.read | To view the non-repudiation log, access to this ACL is required. |
list.revisionlog.read | Required to view the revision log |
list.transactionlog.read | Required to view the transaction log |
ppadmin.read | Allows the user readonly actions using the administration client. |
ppadmin.write | Allows the user to update items using the administration client. |
ppadmin.configuration-management.manage.read | Allows the user to read the Ceptor configuration using the administration client – if this ACL does not exist, ppadmin.read and ppadmin ACLs will be checked. |
ppadmin.configuration-management.manage.write | Allows the user to update the Ceptor configuration using the administration client – if this ACL does not exist, ppadmin.read and ppadmin ACLs will be checked. |
ppadmin.status-management.general.read | Allows the user to view status of running servers, and read log entries from the log server using the administration client. |
ppuseradmin.access | Allows the user access to the web user administration client (apart from any group relations) |
...