From 6d421c1f3ab419ec744af68aa3dc533611750209 Mon Sep 17 00:00:00 2001 From: MasterGunner Date: Sat, 28 Sep 2019 23:19:26 -0300 Subject: [PATCH] Update SecurityModel.md --- SecurityModel.md | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/SecurityModel.md b/SecurityModel.md index 0c18877..5161496 100644 --- a/SecurityModel.md +++ b/SecurityModel.md @@ -16,11 +16,13 @@ only have a single update event every few minutes, we can authenticate only as n Currently the only exposed actions that require authentication are Editor-based ones, so we aren't assigning roles or having granular permissions. Actions available via Thrimshim are: -* `get_row`: Return a single row from the database by ID. Unauthenticated. -* `get_all_rows`: Return the entire events table (or specific subsets of it), for building dashboards. Unauthenticated -* `update_row`: Updates row in the Events table. Authenticated and limited to Editors and Admins (who can update different sets of rows). Authenticated. -* `manual_link`: Override the `video_link` field in the Events Table, in case of a manual upload. Authenticated. -* `reset_row`: Clear `state` and `video_link` columns and reset `state` to 'UNEDITED' in Events table. Authenticated. +* Unauthenticated Actions + * `get_row`: Return a single row from the database by ID. Unauthenticated. + * `get_all_rows`: Return the entire events table (or specific subsets of it), for building dashboards. Unauthenticated +* Authenticated Actions + * `update_row`: Updates row in the Events table. + * `manual_link`: Override the `video_link` field in the Events Table, in case of a manual upload. + * `reset_row`: Clear `state` and `video_link` columns and reset `state` to 'UNEDITED' in Events table. ### Admin Access Node admins will connect directly to the database via third party tools (such as pgAdmin) for tasks such as adding members or manually overwriting the Events table. @@ -29,6 +31,7 @@ Node admins will connect directly to the database via third party tools (such as #### Members Table -columns | type | description --------------------------- | ---------------------------------- | ----------- -`user_email` | `TEXT NOT NULL` | The email account used for the member's Google sign in. +columns | type | description +------------| --------------------| ----------- +`email` | `TEXT NOT NULL` | The email account used for the member's Google sign in. (Primary Key) +`name` | `TEXT NOT NULL` | The public username of the user (for administration purposes)