Config Domains - Gadreel/divconq GitHub Wiki
The Domains feature described here only applies if you are using the default Auth and Domains modules, which is the case if you are running the demo.
Add this section near the top of the config file; right under the root element is fine:
<Domains>
<Domain Id="[domain id]" Title="[title for domain]">
<Name>[repeat tag for each associated domain name]</Name>
<User Id="[user id]"
Username="[user name]"
First="[first name]" Last="[last name]"
Email="[primary email address]"
Password="[user password, plain text]"
>
<AuthTag>[repeat tag for each authorization tag]</AuthTag>
</User>
</Domain>
</Domains>
- Id (on Domain): any unique number within the list of domains is fine
- Title: can be anything, just how it will show up in a status report or option list
- Name: list one or more domain names associated with this Domain
- Id (on User): any unique number within the list of domain users is fine
- Username: any unique string within the list of domain users is fine
- First: can be anything, just how it will show up in a status report or option list
- Last: can be anything, just how it will show up in a status report or option list
- Email: can be anything, just how it will show up in a status report or option list
- Password: password of the user; as this is for demo only, only plain text is supported
- AuthTag: list one or more tags representing what the user is authorized for
The AuthTag is the first and highest level of authorization in DivConq and currently the only level supported. AuthTags primarily indicate what Services you are allowed to see and call. Just because a user can "call" a service doesn't mean the service will allow the call; any call may be rejected.
Since DivConq is deeply service based, filtering what services a user can even see/call is a big step toward reducing the attack footprint. The list of AuthTags may be extended by custom development or third-party modules; however, the default list in DivConq is:
- Guest: user is guest and may only see/call services accessible to Guest
- User: user has been verified
- PowerUser: verified and allowed to call advanced features/scripts but minimal config access
- Admin: allowed to do any and all config for the current domain
- SysAdmin: allowed to do any and all config for any domain, any settings, any operation. Not restricted.
The entire list of tags travels with the user (the OperationContext) as part of each call to services, so it is best to keep the list small. If extending DivConq, try not to add more than a few dozen tags; users generally should not need more than a handful. If you find your design is outgrowing these suggestions, reduce the number of tags and add another layer of authorization checks under this layer.
One thing to keep in mind is that just because a service cannot be called by a user directly does not mean the service is completely unusable by that user. Consider an Email Service. The Email Service is marked for Admin access. Anyone with Admin access can call the Email Service directly and send whatever emails they like.
But what about sending emails as part of Password Recovery? Surely even Guest can send emails to themselves? Well, they can, but not by calling the Email Service directly. The Password Recovery service is callable by Guest, and it in turn can decide if the recovery request is valid or not. The Password Recovery service may call Email Service, even if the user is Guest.
How does that work? Once you make a call to a service, your OperationContext is elevated for that call. From within that call the user can call yet other services as if they were SysAdmin. Thus it is vital that Password Recovery be coded carefully, because once the user (the OperationContext) is in Password Recovery they have the rights to everything. Although this sounds ominous, it is no more dangerous than a SQL Injection or other such attack. If you code correctly, users cannot damage your system - if you don't, some really bad things can happen.
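The gate and the elevation described above, as a small model. This is an added example, not DivConq code: `Context`, `service`, `call`, the account table and the mail outbox are all hypothetical stand-ins. It shows why the Guest-callable service has to do its own validation once the tag gate no longer applies.

```python
# Hypothetical model of the AuthTag gate; none of these names are DivConq APIs.
SERVICES = {}                          # service name -> (tags allowed to call directly, handler)
OUTBOX = []                            # stands in for the mail queue
USERS = {"pat": "pat@example.test"}    # constructed account -> registered address

class Context:
    def __init__(self, user, tags):
        self.user, self.tags = user, set(tags)

def service(name, *tags):
    def register(fn):
        SERVICES[name] = (set(tags), fn)
        return fn
    return register

def call(ctx, name, **args):
    allowed, handler = SERVICES[name]
    # Gate: SysAdmin is unrestricted; anyone else needs one of the service's tags.
    if "SysAdmin" not in ctx.tags and not (ctx.tags & allowed):
        raise PermissionError(f"{ctx.user} may not call {name}")
    # Inside the service the context is elevated: nested calls pass the gate as SysAdmin.
    return handler(Context(ctx.user, ctx.tags | {"SysAdmin"}), **args)

@service("Email", "Admin")
def email(ctx, to, body):
    OUTBOX.append((to, body))
    return True

@service("PasswordRecovery", "Guest")
def recover(ctx, username, send_to=None):
    # The tag gate no longer protects Email here, so this service validates for itself:
    # the caller-supplied address is ignored and only the registered address is mailed.
    registered = USERS.get(username)
    if registered is None:
        return False
    return call(ctx, "Email", to=registered, body="recovery link")

def demo():
    OUTBOX.clear()
    guest = Context("anonymous", ["Guest"])
    try:
        call(guest, "Email", to="someone@example.test", body="hello")
        direct = "allowed"
    except PermissionError:
        direct = "rejected"
    ok = call(guest, "PasswordRecovery", username="pat", send_to="other@example.test")
    return direct, ok, list(OUTBOX)

if __name__ == "__main__":
    print(demo())
```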
<Domains>
<Domain Id="1" Title="Root and Local">
<Name>localhost</Name>
<Name>root</Name>
<Name>root.awww.com</Name>
<Name>local.awww.com</Name>
<User Id="0"
Username="root"
First="root" Last="ROOT"
Email="[email protected]"
Password="A1s2d3f4"
>
<AuthTag>PowerUser</AuthTag>
<AuthTag>Admin</AuthTag>
<AuthTag>SysAdmin</AuthTag>
</User>
<User Id="1"
Username="awhite"
First="Andy" Last="White"
Email="[email protected]"
Password="abc123"
>
<AuthTag>PowerUser</AuthTag>
<AuthTag>Admin</AuthTag>
<AuthTag>SysAdmin</AuthTag>
</User>
<User Id="2"
Username="pwhite"
First="Pat" Last="White"
Email="[email protected]"
Password="temp123"
>
<AuthTag>PowerUser</AuthTag>
</User>
</Domain>
<Domain Id="2" Title="Customer One">
<Name>one.awww.com</Name>
<User Id="1"
Username="awhite"
First="Andy" Last="White"
Email="[email protected]"
Password="abc123"
>
<AuthTag>PowerUser</AuthTag>
<AuthTag>Admin</AuthTag>
<AuthTag>SysAdmin</AuthTag>
</User>
<User Id="2"
Username="cwhite"
First="Carter" Last="White"
Email="[email protected]"
Password="a1s2d3"
>
<AuthTag>PowerUser</AuthTag>
</User>
</Domain>
<Domain Id="3" Title="Customer Two">
<Name>two.awww.com</Name>
<User Id="1"
Username="awhite"
First="Andy" Last="White"
Email="[email protected]"
Password="abc123"
>
<AuthTag>PowerUser</AuthTag>
<AuthTag>Admin</AuthTag>
<AuthTag>SysAdmin</AuthTag>
</User>
</Domain>
</Domains>
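A review script for a `<Domains>` block in the format shown above, as an added example that is not part of DivConq. The sample config is constructed, and the checks (every SysAdmin holder, duplicate Ids, a host name claimed by more than one domain, a password shared between accounts) are assumptions about what deserves a second look, not rules DivConq enforces.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

# Constructed sample in the page's <Domains> format; names and passwords are made up.
SAMPLE = """<Domains>
 <Domain Id="1" Title="Root and Local">
  <Name>localhost</Name><Name>one.example.test</Name>
  <User Id="0" Username="root" Password="Xk3-constructed"><AuthTag>SysAdmin</AuthTag></User>
 </Domain>
 <Domain Id="2" Title="Customer One">
  <Name>one.example.test</Name>
  <User Id="1" Username="jdoe" Password="abc123"><AuthTag>Admin</AuthTag><AuthTag>SysAdmin</AuthTag></User>
  <User Id="1" Username="kdoe" Password="abc123"><AuthTag>PowerUser</AuthTag></User>
 </Domain>
</Domains>"""

def audit_domains(xml_text):
    """Return sorted (code, detail) findings for a <Domains> config block."""
    findings = set()
    hosts = defaultdict(set)      # domain name -> Domain Ids that claim it
    pw_users = defaultdict(set)   # plain-text password -> "domainId/username"
    domain_ids = []
    for dom in ET.fromstring(xml_text).iter("Domain"):
        did = dom.get("Id")
        domain_ids.append(did)
        for name in dom.findall("Name"):
            hosts[(name.text or "").strip().lower()].add(did)
        user_ids = []
        for user in dom.findall("User"):
            who = f"{did}/{user.get('Username')}"
            user_ids.append(user.get("Id"))
            pw_users[user.get("Password")].add(who)
            tags = {(t.text or "").strip() for t in user.findall("AuthTag")}
            if "SysAdmin" in tags:   # unrestricted across all domains: review each holder
                findings.add(("SYSADMIN", who))
        for uid in {u for u in user_ids if user_ids.count(u) > 1}:
            findings.add(("DUP_USER_ID", f"{did}/{uid}"))
    for did in {d for d in domain_ids if domain_ids.count(d) > 1}:
        findings.add(("DUP_DOMAIN_ID", did))
    for host, dids in hosts.items():
        if len(dids) > 1:         # the same host name is listed under more than one domain
            findings.add(("HOST_IN_MANY_DOMAINS", f"{host}:{','.join(sorted(dids))}"))
    for users in pw_users.values():
        if len(users) > 1:        # one disclosed password opens several accounts
            findings.add(("SHARED_PASSWORD", ",".join(sorted(users))))
    return sorted(findings)

if __name__ == "__main__":
    for code, detail in audit_domains(SAMPLE):
        print(code, detail)
```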
Only configure this for the dcFileServer - never for dcFileGateway.
To change the path of the File Store for a given domain include a Settings
<Domains>
<Domain Id="[domain id]" Title="[title for domain]">
<Name>[repeat tag for each associated domain name]</Name>
<User Id="[user id]"
Username="[user name]"
First="[first name]" Last="[last name]"
Email="[primary email address]"
Password="[user password, plain text]"
>
<AuthTag>[repeat tag for each authorization tag]</AuthTag>
</User>
<Settings FileStorePath="[path to files for this domain]" />
</Domain>
</Domains>
For example:
<Domains>
<Domain Id="1" Title="Root and Local">
<Name>localhost</Name>
<Name>root</Name>
<Name>one.awww.com</Name>
<User Id="0"
Username="root"
First="root" Last="ROOT"
Email="[email protected]"
Password="A1s2d3f4"
>
<AuthTag>PowerUser</AuthTag>
<AuthTag>Admin</AuthTag>
<AuthTag>SysAdmin</AuthTag>
</User>
<Settings>
<FileServer FileStorePath="./files/store/one" />
</Settings>
</Domain>
<Domain Id="2" Title="Customer One">
<Name>one.awww.com</Name>
<User Id="1"
Username="awhite"
First="Andy" Last="White"
Email="[email protected]"
Password="abc123"
>
<AuthTag>PowerUser</AuthTag>
</User>
<Settings>
<FileServer FileStorePath="./files/store/two" />
</Settings>
</Domain>
</Domains>