User and rights management

A developed system of access rights differentiation is implemented in Tengri.

The principles are supported:

DAC — discretionary access control
RBAC — role-based access control

Key concepts of a rights differentiation system

Protected Object: An entity to which access (privileges) can be granted.

Role: An entity to which access rights (privileges) can be granted. Roles can be assigned to users or to other roles.

Privilege: A specific level of access to an entity. Assigned to users or roles.

User: An identifier associated with a person or service. A user is an object that can be granted privileges and/or roles.

Operations with objects of the rights differentiation system