mirror of
https://github.com/juanfont/headscale.git
synced 2024-11-26 08:53:05 +00:00
docs(acls-proposal): wording comment
A hidden thing was implied in this document is that each person should have his own namespace. Hidden information in spicification isn't good. Thank's @kradalby for pointing it out.
This commit is contained in:
parent
c364c2a382
commit
55d746d3f5
1 changed files with 6 additions and 0 deletions
|
@ -72,6 +72,12 @@ This implementation would render useless the sharing feature that is currently
|
||||||
implemented since an ACL could do the same. Simplifying to only one user
|
implemented since an ACL could do the same. Simplifying to only one user
|
||||||
interface to do one thing is easier and less confusing for the users.
|
interface to do one thing is easier and less confusing for the users.
|
||||||
|
|
||||||
|
To better suit the ACLs in this proposition, it's advised to consider that each
|
||||||
|
namespaces belong to one person. This person can have multiple devices, they
|
||||||
|
will all be considered as the same user in the ACLs. OIDC feature wouldn't need
|
||||||
|
to map people to namespace, just create a namespace if the person isn't
|
||||||
|
registered yet.
|
||||||
|
|
||||||
As a sidenote, users would like to write ACLs as YAML. We should offer users
|
As a sidenote, users would like to write ACLs as YAML. We should offer users
|
||||||
the ability to rules in either format (HuJSON or YAML).
|
the ability to rules in either format (HuJSON or YAML).
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue