admin/_docs/02_document/modules/common_entities_role_enum.md
Oleksandr Bezdieniezhnykh a77b3f8a59 [AZ-529] [AZ-530] Cycle-2 documentation refresh
Refreshes _docs/02_document/ to reflect the cycle-2 auth-modernization
+ CMMC hardening landings (AZ-531..AZ-538). Authoritative source for
the ripple set is ripple_log_cycle2.md.

Covered:
- architecture.md (section 1 rewritten, ADRs 6-9 added)
- data_model.md (sessions, audit_events, user columns, migrations)
- system-flows.md (F1 rewritten; F11-F17 added; F2/F7/F9 minor)
- module-layout.md (cycle-2 sub-component table)
- diagrams/flows/flow_login.md (dual-token + MFA)
- components/{01_data_layer,03_auth_and_security,05_admin_api}
- modules/ (12 new, 8 modified — full Argon2id/ES256/MFA/refresh
  /mission/session/audit/jwks rollup)
- tests/{blackbox,security,traceability-matrix}

Step 13 (Update Docs) output for cycle 2.

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-05-14 09:22:53 +03:00


Module: Azaion.Common.Entities.RoleEnum

Purpose

Defines the authorization role hierarchy for the system.

Cycle 2 (2026-05-14) note: Service = 60 added by AZ-535 for service-to-service verifier identities (satellite-provider, gps-denied, ui). Each verifier deployment provisions one Role=Service user; the role is gated to read /sessions/revoked only (via revocationReaderPolicy) and is not valid for any user-facing endpoint.

Public Interface

| Enum Value | Int Value | Description |
|---|---|---|
| None | 0 | No role assigned |
| Operator | 10 | Annotator access only; can send annotations to queue |
| Validator | 20 | Annotator + dataset explorer; can receive annotations from queue |
| CompanionPC | 30 | Companion PC role (UAV / aircraft identities; AZ-533 mission tokens are bound to these via aircraft_id) |
| Admin | 40 | Admin role |
| ResourceUploader | 50 | Data-only — apiUploaderPolicy was removed in the post-cycle-1 AZ-183 revert. The seed uploader@azaion.com user keeps this role for negative-auth tests. |
| Service | 60 | AZ-535 — service-to-service identity for verifiers polling /sessions/revoked. NOT valid for any user-facing endpoint. |
| ApiAdmin | 1000 | Full access to all operations |

Internal Logic

Integer values define a loose hierarchy; higher values don't necessarily imply more permissions — policy-based authorization in Program.cs maps specific roles to policies.

Dependencies

None.

Consumers

  • User.Role property type
  • RegisterUserRequest.Role property type
  • Program.cs — authorization policies (apiAdminPolicy, revocationReaderPolicy cycle 2)
  • AuthService.CreateToken — embeds role as claim
  • AzaionDbSchemaHolder — maps Role to/from text in DB (text enum → Enum.Parse(typeof(RoleEnum), v); the new Service value parses through the existing converter without migration)
  • UserService.GetUsers — filters by role
  • UserService.ChangeRole — updates user role
  • MissionTokenService.Issue — validates aircraft_id resolves to a CompanionPC user
  • Program.cs IssueDualTokens — fires RevokeMissionsForAircraft when the authenticated user has Role = CompanionPC
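As an added example (not the project's own Program.cs or AzaionDbSchemaHolder code), this shows the two points made in Internal Logic and in the consumer list above: policies match on the named role rather than on the integer ordering, so Service (60) gets nothing that Admin (40) has, and the text-to-enum DB round trip goes through Enum.Parse. The claim type "role", the top-level host wiring and the IsDefined check in FromDbText are assumptions, not something this page states.

```csharp
using System;
using System.Security.Claims;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddAuthentication();                          // JWT/ES256 scheme setup omitted
builder.Services.AddAuthorization(o => o.AddAzaionPolicies());
var app = builder.Build();
app.UseAuthentication();
app.UseAuthorization();
// The revocation feed is the only route bound to revocationReaderPolicy, so a Role=Service
// token reaches this endpoint and none of the user-facing ones.
app.MapGet("/sessions/revoked", () => Results.Ok(Array.Empty<string>()))
   .RequireAuthorization("revocationReaderPolicy");
app.Run();

// Same values as the table above; Service = 60 is the AZ-535 verifier identity.
public enum RoleEnum
{
    None = 0, Operator = 10, Validator = 20, CompanionPC = 30,
    Admin = 40, ResourceUploader = 50, Service = 60, ApiAdmin = 1000
}

public static class RolePolicies
{
    // Claim type is an assumption; AuthService.CreateToken may embed the role under another name.
    public const string RoleClaim = "role";
    // Exact match on the named member, never a numeric comparison: Service (60) sorts above
    // Admin (40) yet must not inherit anything Admin can do.
    public static bool HasRole(ClaimsPrincipal user, RoleEnum required) =>
        Enum.TryParse<RoleEnum>(user.FindFirst(RoleClaim)?.Value, ignoreCase: false, out var r)
        && r == required;
    public static void AddAzaionPolicies(this AuthorizationOptions o)
    {
        o.AddPolicy("apiAdminPolicy", p => p.RequireAssertion(c => HasRole(c.User, RoleEnum.ApiAdmin)));
        o.AddPolicy("revocationReaderPolicy", p => p.RequireAssertion(c => HasRole(c.User, RoleEnum.Service)));
    }
    // DB text -> enum via Enum.Parse, as the schema holder does. Enum.Parse also accepts a numeric
    // string such as "999" and returns an undefined value without throwing, so reject those as well
    // (this IsDefined check is an added hardening step, not part of the existing converter).
    public static RoleEnum FromDbText(string v)
    {
        var parsed = (RoleEnum)Enum.Parse(typeof(RoleEnum), v);
        if (!Enum.IsDefined(typeof(RoleEnum), parsed))
            throw new InvalidOperationException($"Unknown role text '{v}'");
        return parsed;
    }
}
```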

Data Models

Part of the User entity.

Configuration

None.

External Integrations

None.

Security

Core to the RBAC authorization model. ApiAdmin has unrestricted access; Service is narrowly scoped to the /sessions/revoked verifier-poll feed; ResourceUploader is data-only after AZ-183 was reverted; other roles have endpoint-level restrictions.

Tests

None.