README update
This commit is contained in:
parent
a7cfe5423c
commit
a9908893ab
53
README.rst
53
README.rst
|
@ -19,11 +19,11 @@ Features
|
|||
--------
|
||||
|
||||
Policy administration:
|
||||
- Define RBAC policies
|
||||
- Define policies based on RBAC and ABAC rules
|
||||
|
||||
ACS administration:
|
||||
- The access control system possess its access control system that governs ACS
|
||||
and all the policies
|
||||
- The access control system possesses its access control system that governs
|
||||
ACS and all the policies
|
||||
|
||||
Web interface:
|
||||
- Web interface to define policies
|
||||
|
@ -32,7 +32,6 @@ Web interface:
|
|||
Other:
|
||||
- Define objects with regexp
|
||||
- Permission delegations
|
||||
- Define ABAC permissions
|
||||
|
||||
Comming soon...
|
||||
- Permission limited life time
|
||||
|
@ -49,32 +48,44 @@ Dependencies
|
|||
Quick Start
|
||||
-----------
|
||||
|
||||
Before running the ACS application, you must execute:
|
||||
** Before running the ACS application, you must execute the initialization
|
||||
script **
|
||||
|
||||
python manage.py syncdb \
|
||||
&& python manage.py initialize-acs <username> [--existing]
|
||||
Initialization script:
|
||||
- Initialize ACS.
|
||||
- Create a root user with all rights.
|
||||
- Inject the attribute definitions in the database.
|
||||
|
||||
The application is initialized with a single root administrator.
|
||||
Run with:
|
||||
python manage.py initialize-acs <username> [--existing] \
|
||||
[--without-abac] [--reload-abac]
|
||||
|
||||
With the option [--existing], you empower an existing Django user.
|
||||
Else you create that user. You will be able to add other root administrators
|
||||
through the Web interface.
|
||||
--existing
|
||||
The user already exists in the database.
|
||||
Else, the user is created.
|
||||
|
||||
To reset the database from acs and reinitialized the application, execute:
|
||||
--reload-abac
|
||||
Skip the initial configuration and update the
|
||||
attribute definitions.
|
||||
|
||||
python manage.py sqlclear acs | python manage.py dbshell \
|
||||
&& python manage.py syncdb \
|
||||
&& python manage.py initialize-acs <username> [--existing]
|
||||
*** Be sure to use --reload-abac option if it is not the first
|
||||
time the script is run and it is not expected to reinitialize
|
||||
ACS ***
|
||||
|
||||
A successful initialization ends with the message:
|
||||
--without-abac
|
||||
Only the initial configuration.
|
||||
|
||||
---> Successful initialization
|
||||
Reinitialization:
|
||||
python manage.py sqlclear acs | python manage.py dbshell \
|
||||
&& python manage.py syncdb \
|
||||
&& python manage.py initialize-acs <username> [--existing] \
|
||||
[--without-abac] [--reload-abac]
|
||||
|
||||
[Optionnal] If you plan to set ABAC permissions, you need to inject attribute
|
||||
definitions used to map namespaces. Check these definitions in
|
||||
acs/abac/namespaces.json and attribute_mapping.json. Then run:
|
||||
If you want to clear all the attribute definitions use
|
||||
python manage.py sqlclear abac
|
||||
|
||||
python manage.py load-abac
|
||||
WARNING: The reinitialization or rerunning the initialization script
|
||||
assume that you want to reset ACS and you will loose all policies.
|
||||
|
||||
To run the application with the django embedded server, launch the following
|
||||
command:
|
||||
|
|
Reference in New Issue