XYZ - Developer Guide
  • Introduction
  • Licence
  • Deploying
    • Local Deployments
  • Access
    • Access Control List (ACL)
    • User account registration
    • Password reset
    • Failed login attempts
  • Environment Settings
    • Hosting
    • Access Control
    • Workspace Connections
    • 3rd party API keys
  • Workspaces
    • Title
    • Documentation
    • Locate
    • Locales
      • Gazetteer
    • Layers
      • Tile Layer
      • PostGIS Data Layers
      • Cluster Layer
      • GeoJSON Layer
      • MapBox Vector Tile (MVT) Layer
      • Grid (Hex) Layer
      • Filter
    • Locations
      • infoj
        • Groups
        • Filter
        • Lookups
        • withSelect
        • Table definition
        • Ordered list
        • Geometry
    • Editing
    • Access Restrictions & Filter
    • Workspace Checks
  • Routes
    • / (root)
    • /proxy/request
    • /api
      • /gazetteer
        • /autocomplete
        • /googleplaces
      • /layer
        • /cluster
        • /extent
        • /geojson
        • /grid
        • /mvt/:z/:x/:y
      • /location
        • /edit
          • /delete
          • /image/delete
          • /image/upload
          • /draw
          • /draw/catchment
          • /catchment/create
          • /catchment/delete
          • /update
        • /select
          • /id
          • /cluster
          • /latlng/contains
          • /latlng/nnearest
          • /latlng/intersects
          • /aggregate
        • /field/range
    • /auth
      • /login
      • /register
      • /token
        • /api
        • /renew
      • /user
        • /admin
        • /verify
        • /approve
        • /update
        • /delete
    • /workspace
      • /get
      • /load
      • /admin
      • /admin/json
  • Infrastructure
    • _xyz
      • host
      • layer
      • location
      • mapview
      • tableview
    • Dependencies
      • Webpack
      • SASS
    • Testing
    • Security
      • JWT token
      • Strategy
      • SQL Injections
    • Server
    • Client
Powered by GitBook
On this page
  1. Access

Access Control List (ACL)

PreviousAccessNextUser account registration

Last updated 6 years ago

The Access Control List (ACL) is a PostgreSQL table which stores all private and admin user accounts.

Give the necessary roles to the PostgreSQL account defined in the environment settings the backend will generate a new ACL table from this schema.

create table if not exists users
(
	"_id" serial not null,
	email text not null,
	password text not null,
	verified boolean,
	approved boolean,
	admin boolean,
	verificationtoken text,
	approvaltoken text,
	failedattempts integer default 0,
	password_reset text,
	api text
);

and strategy which depend on this ACL table schema will be discussed in detail in the section of this documentation.

The connection details for the ACL must be provided in the .

A default admin account admin@geolytix.xyz (password: admin123) will be inserted into a newly created ACL table.

This account can be used to login and approve the first newly registered admin account. The default account should be removed as soon as a new private admin account with a valid email has been defined.

XYZ security
infrastructure
Access Control Environment Settings