<h3>How It Works</h3>
<p>{{ __(
"Airship uses a whitelist access controls system based on three concepts:"
) }}</p>
<ol>
<li><strong>{{ __("Contexts") }}</strong>: {{ __("Where are you in the application?") }}</li>
<li><strong>{{ __("Actions") }}</strong>: {{ __("What are you trying to do?") }}</li>
<li><strong>{{ __("Rules") }}</strong>: {{ __("Which users/groups are allowed to perform which actions in which contexts?") }}</li>
</ol>
<p>{{ __(
"A particular permissions request can match many contexts, especially if there are overlapping patterns. " ~
"When this happens, every context is validated and the permission request is only granted if they all succeed. " ~
"If there are no contexts matching a particular request, the request is refused (unless the user is an admin)."
) }}</p>
<p>{{ __(
"Each Cabin has its own set of possible actions (e.g. 'create', 'read', 'update', and 'delete')."
) }}</p>
<p>{{ __(
"Rules grant a particular user or group the ability to perform a particular action within a particular context. " ~
"Rules can only be used to allow access, not deny access. (That's what white-list means.)"
) }}</p>
<p>{{ __(
"If you set a rule to allow a group to perform an action within a given context, " ~
"then all of that group's descendants will also be allowed."
) }}</p>
|
Download
