Permissions Scheme
Permissions
A user only has permissions to a group of resources. The clearest way to see this is that a user cannot interact with any other user's fields.
Examples of resources are: fields, labors and management zones.
When a user creates a field, he has absolute permissions on all the information associated with it.
On the other hand, users can share their fields or farms with one or several selected users, enabling (total) Read, Write, Edit or Administration permission over them.
In this way, the group of resources over which a user has permissions are those that he/her has created (absolute permissions) and those that have been shared with him/her (Read, Write, Edit or Administration permissions).
User’s features
What a user can do in Auravant is normally determined by the features of its Plan and/or its Add-ons.
Each action on a resource is a Feature: Create, Read, Update and Delete (CRUD). For example: Create fields, Read user labors and Update management zones.
Extensions Claimsets
A Claimset is a set of features assigned to a version of an Extension. When an Extension tries to perform an action on a resource, it will be checked if the current version includes the necessary feature in its Claimset.
That is why when installing an Extension, the user will see in detail which are the features of the current version and will decide if he/she wants to authorize it.
Final Permissions
In short: *An Extension will be able to interact only with resources over which the user has permissions.
- The possible interactions on those resources arise from the intersection between the user's features and the Claimset of the current version.