diff --git a/Connector-Spaces.md b/Connector-Spaces.md index 51a07a3..b7c4d0a 100644 --- a/Connector-Spaces.md +++ b/Connector-Spaces.md @@ -7,7 +7,11 @@ objects: WebDAV server, Nextcloud account, Seafile server, or SMB share. Profiles are administered in settings at system or tenant scope, with the same inheritance and limit semantics used by mail-server profiles. -2. A linked file space binds one concrete remote folder or library path from an +2. A governed credential profile defines reusable authentication material for + one provider or for any compatible provider. Credentials are administered + separately from connection profiles and can carry their own allow/deny + policy. +3. A linked file space binds one concrete remote folder or library path from an allowed profile to a user or group. Linked spaces appear beside "My files" and group file spaces in the files module. @@ -22,11 +26,19 @@ Connection profile: - endpoint URL and optional base path - scope: `system` or `tenant` for administered profiles; user/group profiles may be allowed later only when policy explicitly permits them -- credential mode: anonymous, environment reference, secret reference, or a - future encrypted secret store +- optional credential profile id - capabilities: browse, sync, import, optional write when a provider supports it - profile-local policy for allow/deny rules +Credential profile: + +- provider: a specific provider or any provider +- scope: `system` or `tenant` for administered credentials +- credential mode: anonymous, environment reference, secret reference, or + encrypted stored password/token +- username and redacted secret configuration +- credential-local policy for allow/deny rules + Connector policy: - system policy is the baseline @@ -34,7 +46,8 @@ Connector policy: lower-level relaxation - future user/group policy may narrow tenant policy for self-service links - policies can allow or block providers, profile ids, endpoint URLs, external - path prefixes, credential inheritance, and local linked-space creation + path prefixes, credential ids, credential inheritance, and local linked-space + creation Linked connector space: @@ -73,14 +86,17 @@ Implemented: - provider descriptors for Seafile, Nextcloud, WebDAV, and SMB - database-backed connector profiles with system and tenant scope -- encrypted stored password/token support for database profiles +- database-backed connector credentials with system and tenant scope +- encrypted stored password/token support for database credentials - JSON/environment-defined connector profiles with system, tenant, user, group, and campaign visibility -- connector allow/deny policy enforcement before browse/import/sync +- connector allow/deny policy enforcement before browse/import/sync, including + provider, connection profile, credential profile, and path checks - read-only browse endpoints - import and sync into managed files with provenance and revision metadata - audit events for connector import, sync, and access -- settings/admin UI sections for system and tenant file connections +- settings/admin UI sections for system and tenant file connections and + credentials - linked connector-space rows owned by users or groups - file-space API responses that include linked connector spaces - Files UI entry point to create linked connector spaces from a browsed remote @@ -101,8 +117,9 @@ Missing: 1. Persist governed connector profiles and policies. - `file_connector_profiles` exists for system and tenant profiles. + - `file_connector_credentials` exists for system and tenant credentials. - Environment JSON profiles remain bootstrap/compatibility profiles. - - Profile CRUD endpoints exist for database-backed profiles. + - Profile and credential CRUD endpoints exist for database-backed records. - Remaining: `file_connector_policies` plus effective policy/explain output. 2. Add linked connector spaces.