Document separated connector credentials

2026-07-08 15:22:20 +02:00
parent b8cb5c908f
commit cad2fe13f8

@@ -7,7 +7,11 @@ objects:
WebDAV server, Nextcloud account, Seafile server, or SMB share. Profiles are
administered in settings at system or tenant scope, with the same
inheritance and limit semantics used by mail-server profiles.
2. A linked file space binds one concrete remote folder or library path from an
2. A governed credential profile defines reusable authentication material for
one provider or for any compatible provider. Credentials are administered
separately from connection profiles and can carry their own allow/deny
policy.
3. A linked file space binds one concrete remote folder or library path from an
allowed profile to a user or group. Linked spaces appear beside "My files"
and group file spaces in the files module.
@@ -22,11 +26,19 @@ Connection profile:
- endpoint URL and optional base path
- scope: `system` or `tenant` for administered profiles; user/group profiles
may be allowed later only when policy explicitly permits them
- credential mode: anonymous, environment reference, secret reference, or a
future encrypted secret store
- optional credential profile id
- capabilities: browse, sync, import, optional write when a provider supports it
- profile-local policy for allow/deny rules
Credential profile:
- provider: a specific provider or any provider
- scope: `system` or `tenant` for administered credentials
- credential mode: anonymous, environment reference, secret reference, or
encrypted stored password/token
- username and redacted secret configuration
- credential-local policy for allow/deny rules
Connector policy:
- system policy is the baseline
@@ -34,7 +46,8 @@ Connector policy:
lower-level relaxation
- future user/group policy may narrow tenant policy for self-service links
- policies can allow or block providers, profile ids, endpoint URLs, external
path prefixes, credential inheritance, and local linked-space creation
path prefixes, credential ids, credential inheritance, and local linked-space
creation
Linked connector space:
@@ -73,14 +86,17 @@ Implemented:
- provider descriptors for Seafile, Nextcloud, WebDAV, and SMB
- database-backed connector profiles with system and tenant scope
- encrypted stored password/token support for database profiles
- database-backed connector credentials with system and tenant scope
- encrypted stored password/token support for database credentials
- JSON/environment-defined connector profiles with system, tenant, user, group,
and campaign visibility
- connector allow/deny policy enforcement before browse/import/sync
- connector allow/deny policy enforcement before browse/import/sync, including
provider, connection profile, credential profile, and path checks
- read-only browse endpoints
- import and sync into managed files with provenance and revision metadata
- audit events for connector import, sync, and access
- settings/admin UI sections for system and tenant file connections
- settings/admin UI sections for system and tenant file connections and
credentials
- linked connector-space rows owned by users or groups
- file-space API responses that include linked connector spaces
- Files UI entry point to create linked connector spaces from a browsed remote
@@ -101,8 +117,9 @@ Missing:
1. Persist governed connector profiles and policies.
- `file_connector_profiles` exists for system and tenant profiles.
- `file_connector_credentials` exists for system and tenant credentials.
- Environment JSON profiles remain bootstrap/compatibility profiles.
- Profile CRUD endpoints exist for database-backed profiles.
- Profile and credential CRUD endpoints exist for database-backed records.
- Remaining: `file_connector_policies` plus effective policy/explain output.
2. Add linked connector spaces.