Using Eartho for Role-Based Access Control (RBAC)
Implementing Role-Based Access Control in Eartho
Role-Based Access Control (RBAC) allows users to perform actions based on a predefined set of permissions. Using Eartho, you can create hierarchical spaces to manage roles and permissions effectively. Hereβs how you can set up RBAC in your application.
Scenario Overview
Suppose you are building an application where different roles have specific permissions:
Owner: Can edit any part and control the access of other users.
Writers: Can edit content and add comments.
Commenters: Can add comments and view content.
Readers: Can only view content.
Steps to Implement RBAC
1. Create Top-Level Spaces
Create a top-level space to represent the main area of control in your application.
Access the Eartho Creators Dashboard: Log in to your Eartho Creators Dashboard.
Navigate to Spaces: Go to the Spaces section.
Create a New Space:
Click on the "Create Space" button.
Fill in the necessary details for the new Space (e.g., Space name, description).
Click "Save" to create the Space.
2. Create Nested Spaces for Roles
Within each top-level space, create nested spaces to represent roles like Owner, Writer, Commenter, and Reader.
Select the Top-Level Space: From the Spaces section, select the top-level Space you just created.
Create Nested Spaces:
Navigate to the Sub-Spaces section within the selected Space.
Click on the "Add Sub-Space" button.
Create a nested space for each role (Owner, Writer, Commenter, Reader).
Fill in the necessary details for each nested space.
Click "Save" to create each nested space.
3. Define Access Points for Each Role
Access points within each nested space will define the actions users can perform.
Select the Nested Space: From the Sub-Spaces section, select a nested space (e.g., Writer).
Navigate to Access Points: Go to the Access Points tab within the nested space.
Create Access Points:
Click on the "Add Access Point" button.
Define access points for different actions specific to the role (e.g., edit, comment, read).
Click "Save" to create the access points.
4. Add Users to Nested Spaces
Assign users to the appropriate nested spaces to grant them the corresponding roles.
Navigate to User Management: Within the nested space, go to the User Management tab.
Add Users:
Click on the "Add User" button.
Enter the user details (e.g., email, name).
Click "Save" to add the user to the nested space.
5. User Authentication and Authorization
Ensure users are authenticated and authorized based on their roles and access points within the nested spaces.
User Authentication: Ensure that users are authenticated against the access points of their respective nested spaces when they log in.
Apply Roles and Permissions: Apply the roles and permissions configured in the nested spaces to control user access and actions within the top-level space.
Example Workflow
Letβs say you are setting up RBAC for a general application:
Create Top-Level Space:
Create a top-level space named "Main Application".
Within "Main Application", create nested spaces: "Owner", "Writer", "Commenter", "Reader".
Create Access Points:
Define access points within each nested space:
Owner: Full permissions (edit, read, write, control access).
Writer: Edit and write permissions.
Commenter: Write comments and read permissions.
Reader: Read-only permissions.
Assign Users to Nested Spaces:
Add users to the appropriate nested spaces within "Main Application":
Alice (Owner): Full access in the "Owner" space.
Bob (Writer): Can edit and write in the "Writer" space.
Carol (Commenter): Can comment and read in the "Commenter" space.
Dave (Reader): Can only read in the "Reader" space.
User Authentication and Authorization:
Authenticate users based on their nested space access points.
Apply roles and permissions to control user actions within the top-level space.
By following these steps, you can effectively implement role-based access control using Eartho, ensuring that users have the appropriate permissions to perform their tasks within your application.
Last updated