Versions Compared

Old Version 1

changes.mady.by.user Myrle Krantz

Saved on

compared with

New Version Current

changes.mady.by.user Markus Geiss

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Each service has a set of permissions defined.  When a service access another service, the user needs those permissions too.  Each permission can come in the flavors READ, WRITE, and DELETE.  If you give a user a permission in a service, you should give them all the permissions in the other services that one permission depends on. This page documents those permissions and their dependencies to make this easier:

Table of Contents
maxLevel2

provisioner

All provisioner endpoints are permissioned as system permissions.  The provisioner provides no other permissions, and no service depends on provisioner permissions.

...

Identity does not depend on other services. 

identity__v1__users

flavors: READ, WRITE

...

deposit-account-management

Depends on the services rhythm, accounting, and customer. The dependency to rhythm has no influence on configurable permissions.

deposit__v1__definition

flavors: READ, WRITE, DELETE 

deposit__V1__definition.READ

  • accounting__v1__account.READ
  • accounting__v1__ledger.READ

portfolio__v1_definitions.WRITE

  • accounting__v1__account.READ
  • accounting__v1__ledger.READ
  • accounting__v1__journal.WRITE

deposit__v1__instance

flavors: READ, WRITE

deposit__v1__instance.READ

  • accounting__v1__account.READ

deposit__v1__instance.WRITE

  • accounting__v1__account.WRITE
  • accounting__v1__ledger.READ

portfolio

Depends on the services rhythm, accounting, and customer.  The dependency to rhythm has no influence on configurable permissions.

...

flavors: READ, WRITE, DELETE

teller__v1__management.READ

  • office__v1__offices.READ
  • accounting_v1_account.READ

teller__v1__management.WRITE

  • office__v1__offices.READ
  • office__v1__offices.WRITE
  • office__v1__employees.READ
  • accounting__v1__account.READ
  • accounting__v1__journal.WRITE

teller__v1__operation

flavors: READ, WRITE

teller__v1__operation.WRITE

reporting

Reporting does not depend on other services.

...

  • office__v1__employees.READ
  • accounting__v1__account.READ
  • accounting__v1__journal.WRITE
  • deposit__v1__definition.READ
  • deposit__v1__instance.READ
  • deposit__v1__instance.WRITE
  • cheques__v1__management.READ
  • cheques__v1__transaction.WRITE
  • portfolio__v1__case.READ
  • portfolio__v1__case.WRITE

cheques

cheques__v1__management

flavors: READ, WRITE

cheques__v1_management.WRITE

  • accounting__v1__journal.READ
  • accounting__v1__journal.WRITE

cheques__v1_transaction

flavors: READ, WRITE

cheques__v1__transaction.READ

  • office__v1__offices.READ
  • accounting__v1__account.READ
  • accounting__v1__journal.WRITE

payroll

payroll__v1__

...

configuration

flavors: READ, WRITE

...

WRITE, DELETE

payroll__v1__configuration.WRITE

  • customer__v1__customer.READ
  • account__v1__account.READ

payroll__v1__distribution

payroll__v1__distribution.WRITE

  • customer__v1__customer.READ
  • account

...

  • __v1__

...

  • account.READ
  • accounting__v1_journal.WRITE

reporting

Reporting does not depend on other services.

reporting

...

__v1__general

flavors: READ, WRITE

 instance";