10. Authentication & Authorization¶
10.1. Overview¶
The tool’s authentication is the method used to provide the control over the request of accessing the resources (documents, reports, views...). To keep it simple, we use here a pretty basic implementation inspired from the role-based access control.
Each user is assigned to a role which decides which resources she/he has access to.
In brief, we can assume that there’s a role for each product in order to view the reports related to it (might be web view or Jasper).
10.2. Registration & Role granting¶
The registration procedure is implemented using the django_registration project. Here below is situated the capture of the registration window.
Once this step is completed, the user will be asked to check his/her email to proceed with the confirmation.
As mentioned above, each user once created will be given a basic role, in order to change this, a request will have to be made to the administrator who has a super role enough to modify accordingly.
See also