The Ceptor Identity Management database API has support for a series of ACLs to ensure proper security access when accessing the user database.
What is an ACL
An ACL (Access Control List) is a method that can be used to restrict certain actions to certain users.
Most API functions in Ceptor UserAdmin are protected by one or more ACL's – in order for a user to execute the given functionality, he must be a member of one of the groups that are assigned to the ACL.
An ACL has any number of usergroups as a member, if a user is a member of one or more of the listed groups, he has access to the functionality which the ACL protects.
As a general rule, if an ACL is not created, all users have access to the functionality it protects, but if it is created, only the users belonging to the groups defined by the ACL has the proper rights to it, all other users dousers has not have the right.
Restricts the access to read a certain <attribute> to certain users. For example, if an acl called “attr.firstname.read” exists, only the users with the proper access is allowed to read the attribute “firstname”.
Like attr.<attribute>.read, only users with this ACL are allowed to write (change or delete) the given attribute. Note that if the ACL does not exist for a given attribute, all users have access to delete or change the attribute.
If this ACL exists for a given attribute, only users who have it are allowed to create this new attribute if it doesn’t already exist for a user.
Only users with this ACL can create new users
Users with this ACL can view other users
If a user does not have this attribute, he is not able to make changes to other users at all.
Users with this ACL, have the right to read profiles
This ACL is required in order to create new profiles
ACL needed to make changes to existing profiles, including deletions.
Users with this ACL, are able to assign all existing profiles to other users. This particular ACL overrides checks for the profile.<profileID>.assign ACL.
Users with this ACL, are able to assign the given <profileID> to other users.
Required in order to read lists of groups
Users must have this ACL to be able to create new groups
Users cannot update/delete groups without this
In order to create new ACLs, a user must have this ACL
Required to write or delete an existing ACL
To read the list of organizations, users must have this ACL
Required to create new organizations
Required to write or delete an organization
Restricts access to the revision log, so only users with this ACL are allowed to read the contents of the revisionlog.
Restricts access to the nonrep-log, so only users with this ACL are allowed to read the contents of the log.
Execution of batch commands requires this ACL.
This ACL is required to read challenges
Required to write/update challenges
Required to execute custom commands
If a user has this ACL, he is allowed to search within his own organisations.
Allows a user to search for users not belonging to his own organization. Without this, a user is only allowed to search for other uses belonging to the same organisation as the one performing a search (if he has the user.search.ownorg ACL). Note that user.search.org.<orgid> might still restrict the list of organisations actually allowed to search.
Note that this ACL does not give the user the right to search within his own organisations, but it only gives him the right to search within all other organisations.
Overrides the other properties, user.search.allorgs and user.search.ownorg by specifying that the user only has access to those organisations that specifically are *granted* by an ACL (user.search.org.<orgid>) – if the ACL for an organisation is not defined, the user will not have access to it. This can be used to grant specific user access to only a few specific organisations, defaulting to no access.
Note: If a user has this ACL, the ACLs user.search .allorgs and user.search.ownorg will be ignored for him.
Even if a user has access to search in all organisations, this ACL can restrict access to a single organisation, which means that if this ACL is present, the user must have it in order to search users in this specific organisation.
Note that this ACL can also be used to restrict searches in a users own organisation too.
Functions like user.search.ownorg, users.search.allorgs, user.search.specificorgs and user.search.org.<orgid> but is used to restrict the list of organisations that can be found by a user, instead of restricting searches on users.
To view the non-repudiation log, access to this ACL is required.
Required to view the revision log
Required to view the transaction log
Allows the user readonly actions using the administration client.
Allows the user to update items using the administration client.
Allows the user to read the Ceptor configuration using the administration client – if this ACL does not exist, ppadmin.read and ppadmin ACLs will be checked.
Allows the user to update the Ceptor configuration using the administration client – if this ACL does not exist, ppadmin.read and ppadmin ACLs will be checked.
Allows the user to view status of running servers, and read log entries from the log server using the administration client.
Allows the user access to the web user administration client (apart from any group relations)