azaion/admin
1
0
Fork 0
mirror of https://github.com/azaion/admin.git synced 2026-04-23 07:36:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
5286b6b8e36f90339d6a2a0e7251ac0034c66433
admin/_docs/00_problem/problem.md
T
Oleksandr Bezdieniezhnykh d320d6dd59 [AZ-189] [AZ-190] [AZ-191] [AZ-192] [AZ-193] [AZ-194] [AZ-195] Add e2e blackbox test suite 
Made-with: Cursor
2026-04-16 06:25:36 +03:00

39 lines
2.5 KiB
Markdown
Raw Blame History

# Problem Statement
## What is this system?
The Azaion Admin API is the backend management service for the Azaion Suite — a platform for AI-powered data annotation workflows. The suite includes desktop client software (annotators, dataset explorers) that must be securely distributed and controlled.
## What problem does it solve?
The Azaion platform needs to:
1. **Control who can use the software** — only registered, authorized users should access the annotation tools. Different users have different permission levels (operators can annotate, validators can review, admins can manage everything).
2. **Bind software to specific hardware** — prevent unauthorized copying or redistribution of proprietary software components (AI models, DLLs). Each user's resources must be tied to their specific physical machine.
3. **Securely distribute software updates** — deliver installers and resource files (AI models, DLLs) to authorized users, encrypted such that only the intended user on the intended hardware can use them.
4. **Manage the user base** — admins need to create accounts, assign roles, enable/disable users, reset hardware bindings, and track activity (last login).
5. **Support annotation queue coordination** — users participate in annotation queues and need to maintain per-user offset tracking to resume work across sessions.
## Who are the users?
| User Type | Role(s) | What They Do |
|-----------|---------|-------------|
| Annotators | Operator | Use the desktop client to annotate data; submit annotations to queues |
| Validators | Validator | Review annotations from queues, explore datasets |
| Companion PCs | CompanionPC | Automated annotation devices (e.g., OrangePi) |
| Resource Uploaders | ResourceUploader | Upload DLLs and AI models to the server |
| System Administrators | ApiAdmin | Full control: user management, resource management, all operations |
## How does it work at a high level?
1. An admin creates user accounts via the API (or admin web panel at admin.azaion.com)
2. Users authenticate via email/password and receive a JWT token
3. On first resource access, the client sends its hardware fingerprint, which is stored for the user
4. When downloading resources, the API encrypts files using a key derived from the user's email, password, and hardware hash — only that specific user on that specific machine can decrypt
5. Installers (production and staging) are distributed to authenticated users without per-user encryption
6. Users maintain annotation queue offsets that persist across sessions
Reference in New Issue View Git Blame Copy Permalink