FD1 Client Protocol

FD1 Security Model and Authorisation

FD1 systems implement an in-depth security model because servers may contain quite sensitive information. Once a user has been authenticated, every request they make is checked against the security rules to verify that it is permitted.

Quick Notes

  • Access to each API EndPoint can be enabled or disabled
  • Access to complete tables of data (e.g. suppliers) can be enabled or disabled, allowing read, write, control and delete separately
  • In some cases, you can further refine access to columns within a table (e.g. only allow "admin" to see suppliers.password)
  • Users are granted access to "roles" (e.g. staff, admin, intern, marketing)
  • Roles are granted permission to allow or block resources (endpoints, data tables)
  • If a user is allowed access from any role they possess, they are permitted. This applies even if one role blocks access. This makes reasoning about security much easier. Example: a user has roles "staff" and "admin". The staff role is blocked from seeing historic products, but FD1 will allow access as the admin role grants that ability
  • Roles can contain other roles, as well as direct permissions, e.g. "store manager" probably includes the role "staff"
  • Roles can conditionally apply. The role "edit customers" might apply only when the user is in specific countries. So a manager on holiday may lose access to edit or even view customers
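
The following sketch is an added example, not FD1's own code. It shows how the rules above combine: nested roles are expanded, conditional roles are dropped when their condition fails, and any allowing role wins over a block. The resource strings, the role data, the "country" context key and its values, the default-deny outcome and the rule that a role whose condition fails also drops the roles it includes are all assumptions made for illustration.

```python
# Added illustration of the rules listed above; not FD1's own code.
# Assumptions: default deny, resource strings, role data, "country" context key.
from dataclasses import dataclass, field
from typing import Callable, Dict, Iterable, Optional, Set

Context = Dict[str, str]

@dataclass
class Role:
    allow: Set[str] = field(default_factory=set)     # resources granted
    block: Set[str] = field(default_factory=set)     # resources blocked
    includes: Set[str] = field(default_factory=set)  # nested role names
    applies: Callable[[Context], bool] = lambda ctx: True  # condition

# Constructed sample roles, modelled on the examples in the notes above.
ROLES: Dict[str, Role] = {
    "staff": Role(allow={"table:products:read"},
                  block={"table:historic_products:read"}),
    "admin": Role(allow={"table:historic_products:read",
                         "column:suppliers.password:read"}),
    "store manager": Role(includes={"staff"}),
    "edit customers": Role(allow={"table:customers:write"},
                           applies=lambda ctx: ctx.get("country") in {"NZ", "AU"}),
}

def active_roles(names: Iterable[str], ctx: Context,
                 seen: Optional[Set[str]] = None) -> Set[str]:
    """Expand nested roles; skip unknown roles and roles whose condition fails."""
    seen = set() if seen is None else seen
    for name in names:
        role = ROLES.get(name)
        if role is None or name in seen or not role.applies(ctx):
            continue
        seen.add(name)  # marking before recursing also stops include cycles
        active_roles(role.includes, ctx, seen)
    return seen

def decide(user_roles: Iterable[str], resource: str, ctx: Context) -> str:
    """Return 'allow', 'blocked' or 'no-grant' for one request."""
    active = [ROLES[name] for name in active_roles(user_roles, ctx)]
    if any(resource in role.allow for role in active):
        return "allow"      # any allowing role wins, even over a block
    if any(resource in role.block for role in active):
        return "blocked"    # explicitly blocked and no role allows it
    return "no-grant"       # assumed default: nothing allows it, so deny
```

Returning "blocked" separately from "no-grant" keeps the two denial reasons apart in an audit log, even though both deny the request.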