Project

General

Profile

« Previous | Next » 

Revision 798e2a2a

Added by Marc Dequènes over 13 years ago

  • ID 798e2a2a480a2748786ec20da669e6ba6aa30ce1

[doc] very early begining for an internal documentation (using markdown)

View differences:

doc/ch_internal_guide.txt
#
# CyborgHood Internal Guide
#
A. General Cyborghood map:
--------------------------
Frontend Service
Cyborgs Cyborgs
mail ------\ /------ ldap
(banya) | | (librarian)
| |
term -------------- command -------------- dns
(???) | | runner | | (mapmaker)
| | (???) | |
web -----/ | | | \------ …
(???) | | |
| | |
\---- auth -----/
(guard)
B. Real User Interaction Flow:
------------------------------
The frontend cyborgs are trusted for 'su' operations. They talk with auth-cb to validate an identity (providing login/passwd, GPG key fingerprint, …),
and ensure authorization rules are enforced too. auth-cb is also responsible for logging user sessions, asting as a complete AAA.
The command runner receives a list of comands to execute on behalf of a user, being another bot or a real user proxied by a frontend cyborg. The
contacting cyborg negociate a security token from auth-cb, then ask auth-cb to produce a copy of the token for the command runner, possibly limited
through time, space, or other criterias. The command runner can then use this token when talking to other cyborgs, to work with them using rights
restrited to what the user is really authorized to. Obviously, the command runner is entrusted to not misuing or keeping tokens. It has no direct
contact with users, only trusted frontend bots.
The command runner gather replies from other cyborgs, compute a global result for the task, and generate appropriate text messages for the user if
needed. The locale arrangement is used to exchange translated messages from a frontend bot to the command runner bot. It may be used to retrieve
messages from another bot in other circonstances (subtask delegation for example).
C. Frontend Cyborgs as Ouput:
-----------------------------
A frontend bot may be used to notify a user, for example:
- send a mail to one of his addresses
- display an alert on the terminal
- display a message in the web interface through AJAX eventing
- …
TODO: how does it work?
D. API Calls:
-------------
Replies to API call:
:messages =>
:info => list of codes
:warning => list of codes
:error => list of codes
:result => API method dependent
TODO: more details; generic codes + bot-specific codes ?

Also available in: Unified diff