Structr provides graph-based permission resolution to control access rights for non-admin users based on a domain security model. By setting rules for how access rights are propagated over relationships in the graph, the effective access permissions can be controlled.
In the above example, the schema is configured in such a way that users with the
maintains relationship to a
ProductGroup will have access to any
Product object in the group they maintain, but not to the subgroups of the given group.
Schema relationships that are configured to allow domain permission resolution are called active relationships. Active relationships are displayed in a different color than normal relationships in the schema editor.
When a non-admin user accesses a private object (e.g. a
Product node from the above example schema), Structr tries to find a connected path of active relationships from the user to the accessed entity. Each step of the path controls addition and removal of each of the four permission flags in Structr individually. The path will be evaluated sequentially, starting from the accessing user.
In detail: We assume that a user with the
maintains relationship on a given
ProductGroup tries to access a
Product contained in that group. Structr will then execute the following steps:
- Find a path from User to Product
- Evaluate the path, starting from the User entity
- Modify the effective permissions according to each step’s settings
- Collect the list of hidden properties according to each step’s settings
- Allow / deny access based on the evaluation result
- Store / cache the evaluated path
Successful path evaluation
User-[:maintains]->ProductGrouprelationship is configured to add the
ProductGroup-[:contains]->Productrelationship is configured to keep
- The effective permissions at the end of the evaluation process are
Unsuccessful path evaluation
Let’s assume a user wants to access a product that is not contained in the product group he/she has access to, but in a subgroup of the given group. In this case, Structr will not be able to find a connected path of active relationships and will fail the permission resolution.
Properties in the Hidden Properties input field are removed from the JSON output of an entity accessed over a permission resolution path. If you for example want to remove the properties
value from the JSON output of the
Product entity in the above example, the hidden properties input field should contain
- The Structr Knowledge Graph
- About Structr
- Getting Started
- Installation and Setup
- Working with Structr
- Advanced Topics