From 8a3950fa8d069639c5319dd175313378924029c5 Mon Sep 17 00:00:00 2001
From: Frederick Muriuki Muriithi
Date: Mon, 31 Oct 2022 07:14:50 +0300
Subject: Topics: topics/authentication/authentication-authorisation-design.gmi

* topics/authentication/authentication-authorisation-design.gmi: Add
  notes on groups and roles. Also link in related issues.
---
 .../authentication/authentication-authorisation-design.gmi   | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'topics')

diff --git a/topics/authentication/authentication-authorisation-design.gmi b/topics/authentication/authentication-authorisation-design.gmi
index e31b760..447e5fe 100644
--- a/topics/authentication/authentication-authorisation-design.gmi
+++ b/topics/authentication/authentication-authorisation-design.gmi
@@ -9,8 +9,8 @@
 ## Authorisation
 
 * Users (authenticated)
-* Groups (users are members and you have a group leader) - every user belongs to one group!
-* Roles define access control (groups have flexible roles) - group can create unique roles
+* Groups (users are members and you have a group leader) - every user belongs to one group! Groups own the resources.
+* Roles define access control (groups have flexible roles) - group can create unique roles. Roles are essentially collections of privileges.
 * Resources (pretty flexible, give access to roles) - every data resource is owned by one group!
 * Some users can add themselves to groups/roles
 * Local database should be independent from other services and copied as a file (SQLite with JSON?)
@@ -19,3 +19,11 @@
 ## Web front-end
 
 * Web front-end which allows management of these users/groups/roles/resources
+
+## Some Related Issues
+
+The following issues are related to this topic.
+
+* issues/authorisation Clean Up Authorisation (contains extra info)
+* topics/authentication/replace-hard-coded-auth-with-gn-proxy Replace Hard coded authentication with gn-proxy
+* topics/authentication/user-info Put user info in the a/c name in the menu
-- 
cgit v1.2.3