User management

User roles

There are three types of user’s roles in Quobis wac:

  • admin: Used for reporting roles and management. These users will have access to all the content on the system and will not be limited by permissions and/or capabilities

  • user: for standard uses, they are limited by user/domain capabilities.

  • anonymous: intended for external users with a limited scope of time or a single session

Users on the system are organized on Domains. The domains allow to spread capabilities and provide services on a limited way to a selected group of users. Different use cases could take advantage of this concept, like different companies sharing the same instance, or maybe different offices of the same company. Every resource on the system belongs to a domain, so there is a default domain configured on the system. There is a base domain called quobis but extra domains can be created based on your use case requirements.

User IDs

Users have a unique identifier, the UUID. The UUID is defined as an unique identifier of a working element on the system. It can refer to a user, a group or to any other entity that can be referred on the system. This is used to resolve usernames, alias and any other element user-friendly to refer to a functional element. Any action in the system where users are involved needs to identify that users. On a hierarchic structure, following the URI conventions:

<resource>://<resource_id>/<subresource>/<subresource_id>

It will look for example:

wac://0/user/5732ecddd378c9b50d8f1c14

Consider it as an UID of the user. This is an internal concept to enable features like multi-tenancy, multi-domain, credentials abstraction, etc…

<username>@<domain>

The userID is unique in the system, any request to create the same username on the same domain will be rejected.