root/doc/ch_internal_guide.txt @ a1df93fe
798e2a2a | Marc Dequènes (Duck) | #
|
|
# CyborgHood Internal Guide
|
|||
#
|
|||
A. General Cyborghood map:
|
|||
--------------------------
|
|||
Frontend Service
|
|||
Cyborgs Cyborgs
|
|||
mail ------\ /------ ldap
|
|||
(banya) | | (librarian)
|
|||
| |
|
|||
term -------------- command -------------- dns
|
|||
(???) | | runner | | (mapmaker)
|
|||
| | (???) | |
|
|||
web -----/ | | | \------ …
|
|||
(???) | | |
|
|||
| | |
|
|||
\---- auth -----/
|
|||
(guard)
|
|||
B. Real User Interaction Flow:
|
|||
------------------------------
|
|||
The frontend cyborgs are trusted for 'su' operations. They talk with auth-cb to validate an identity (providing login/passwd, GPG key fingerprint, …),
|
|||
and ensure authorization rules are enforced too. auth-cb is also responsible for logging user sessions, asting as a complete AAA.
|
|||
The command runner receives a list of comands to execute on behalf of a user, being another bot or a real user proxied by a frontend cyborg. The
|
|||
contacting cyborg negociate a security token from auth-cb, then ask auth-cb to produce a copy of the token for the command runner, possibly limited
|
|||
through time, space, or other criterias. The command runner can then use this token when talking to other cyborgs, to work with them using rights
|
|||
restrited to what the user is really authorized to. Obviously, the command runner is entrusted to not misuing or keeping tokens. It has no direct
|
|||
contact with users, only trusted frontend bots.
|
|||
The command runner gather replies from other cyborgs, compute a global result for the task, and generate appropriate text messages for the user if
|
|||
needed. The locale arrangement is used to exchange translated messages from a frontend bot to the command runner bot. It may be used to retrieve
|
|||
messages from another bot in other circonstances (subtask delegation for example).
|
|||
C. Frontend Cyborgs as Ouput:
|
|||
-----------------------------
|
|||
A frontend bot may be used to notify a user, for example:
|
|||
- send a mail to one of his addresses
|
|||
- display an alert on the terminal
|
|||
- display a message in the web interface through AJAX eventing
|
|||
- …
|
|||
TODO: how does it work?
|
|||
D. API Calls:
|
|||
-------------
|
|||
Replies to API call:
|
|||
:messages =>
|
|||
:info => list of codes
|
|||
:warning => list of codes
|
|||
:error => list of codes
|
|||
:result => API method dependent
|
|||
TODO: more details; generic codes + bot-specific codes ?
|