[Proposal] mid 2016 - end 2017 authentication (login), authorisation (roles and types of access)

Is that relevant in chest?

Please, @almereyda give a short and relevant description of what authentication and and authorisation is about

  • authentication …

  • autorisation …

what do we need that for…

… access control…

Is that already relevant, when we enable users to map in an open editor.

If I take wikipedia as an example, which I easily understand. How would it be there?

What is the authentication?: my login to the wiki system, as is my login here to discourse.
What is the authorisation? the roles I can get in the system and the different access of manipulation to the system that is connected to that role.

Do I get that right. What is to add, to make it understandable in discuss it with nuts and bolts?

@almereyda @gandhiano @species

I think there are two features we are trying to provide here:

  • access control for data - e.g. define who has access to see certain POIs
  • common authentication to the different tools

Access control could be well supported by LDAP, attributing roles, groups, etc. and keeping an (hierarchical) index of users.
However, based on the discussion we just had now, it might be that this is not necessary to be accommodated as part of TransforMap itself: TransforMap just stores a variable with a token for the domain/group/user which has the access to the variable and it’s at the end-site plugin (e.g. the Wordpress TransforMap plugin) that the access control should be dealt with.

Common authentication could be achieved with LDAP, OAuth or Persona and would be something that allows us to navigate, using the same login, through the different tools of TransforMap (discourse, owncloud, editor, OSM, …). If we want to support integration with OSM, we might want to use something that OSM may already support (OAuth?)

I suggest having common authentication in TransforMap tools as part of a mid 2016 milestone.

Access control on third-party platforms (such as Wordpress - Solawi/Transition Network, Django - wechange/wachstumswende, Drupal/Open Atrium - co-munity) to have on the first half of 2017.