@sambacha
Created May 23, 2024 22:25

Access control matrix for account sharing system

| Endpoint | user1 | user2 | user3 | user4 |
|---|---|---|---|---|
| /balance | GET | GET | GET | GET |
| /transfers | | GET | GET | GET |
| | | | POST | POST |
| /settings | | | | PATCH |

Table 1

Table 1 shows an access control matrix for a banking website in which user1 has reporting access (can view /balance only), user2 has auditing access (read-only access to the balance and the list of transactions), user3 has read-write access (can create transactions), and user4 has full administrative access (can change account settings).

Threshold-based system

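| Endpoint | user1 | user2 | user3 | user4 |
|---|---|---|---|---|
| /balance | GET | GET | GET | GET |
| /transfers | | GET | GET | GET |
| | | 2/3: POST | 2/3: POST | 2/3: POST |
| /settings | | 3/3: PATCH | 3/3: PATCH | 3/3: PATCH |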

Table 2

Table 2 shows the access control matrix updated for a threshold-based system. As before, user1 has read-only access to view the account balance, but now at least 2 of user2, user3, and user4 must agree to create a transfer, and all 3 must agree on all settings changes.
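The threshold rules of Table 2 written as a default-deny policy check, added here as an example (it is not code from the gist). The names `Rule`, `POLICY` and `authorize` are assumptions, and approver identities are assumed to have been authenticated before they reach the check.

```python
from typing import Iterable, NamedTuple

ALL_USERS = frozenset({"user1", "user2", "user3", "user4"})
SIGNERS = frozenset({"user2", "user3", "user4"})  # users whose approval counts in Table 2


class Rule(NamedTuple):
    eligible: frozenset  # users whose approval counts toward the threshold
    threshold: int       # number of distinct eligible approvals required


# Table 2 as (endpoint, method) -> rule. A threshold of 1 is an ordinary grant.
POLICY = {
    ("/balance", "GET"): Rule(ALL_USERS, 1),
    ("/transfers", "GET"): Rule(SIGNERS, 1),
    ("/transfers", "POST"): Rule(SIGNERS, 2),   # 2/3
    ("/settings", "PATCH"): Rule(SIGNERS, 3),   # 3/3
}


def authorize(endpoint: str, method: str, approvers: Iterable[str]) -> bool:
    """Return True only if enough distinct eligible users approved the request."""
    rule = POLICY.get((endpoint, method))
    if rule is None:
        return False  # default deny: no cell in the matrix means no access
    # The set intersection drops duplicate approvals and approvals from
    # users outside the eligible group (e.g. user1 on a transfer).
    valid = set(approvers) & rule.eligible
    return len(valid) >= rule.threshold


if __name__ == "__main__":
    # Constructed sample requests: (endpoint, method, approvers)
    samples = [
        ("/balance", "GET", ["user1"]),
        ("/transfers", "POST", ["user3"]),
        ("/transfers", "POST", ["user2", "user2"]),
        ("/transfers", "POST", ["user1", "user2"]),
        ("/transfers", "POST", ["user2", "user4"]),
        ("/settings", "PATCH", ["user2", "user3"]),
        ("/settings", "PATCH", ["user2", "user3", "user4"]),
    ]
    for endpoint, method, approvers in samples:
        verdict = "allow" if authorize(endpoint, method, approvers) else "deny"
        print(f"{method:5} {endpoint:10} {approvers} -> {verdict}")
```

Counting distinct eligible approvers, rather than the number of approvals received, is what keeps one user from meeting the 2/3 threshold alone by approving twice.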
