Skip to main content

015. Implementing Role Based Access Control

Date: 2024-07-29

Status

Accepted

Context

Monitor Space Hazards has a wider range of functionality and users than previously on Monitor your Satellites. This includes the Track conjunction events and Track re-entry events services, both of which report to government employees on high risk events.

The sensitive nature of the information contained in these reports means that satellite operators, who previously had access to all functionalities on the service, should not be able to view their contents. This need for restrictions on what certain users can access therefore required us to implement a permissions model using Role Based Access Control (RBAC).

Decision

We agreed to develop an access control based permission model, and created 3 different user types, each with a number of user roles. These user types are based on the affiliated organisation of the user. Changing to a model based on user organisation was necessary for a clearer demarcation of user permissions, and easier scalability as the service grows.

Below you can see the user type, and the corresponding user roles, all of which have different permissions:

Satellite operator organisation:

  1. SATELLITE_OPERATOR_USER
  2. SATELLITE_OPERATOR
  3. SATELLITE_OPERATOR_ADMIN

Government organisations:

  1. GOVERNMENT_USER
  2. GOVERNMENT_ADMIN

Service owners:

  1. AGENCY_USER
  2. AGENCY_ADMIN
  3. AGENCY_ANALYST
  4. AGENCY_APPROVER
  5. AGENCY_SUPERUSER

User permissions are determined by API endpoint and formulated in the style access:method:org.

User type applies restrictions to what the user can view and action. This means that satellite operators are only able to view events associated with their organisation, whereas government organisations and service owners are able to view events and satellites for all organisations.

User role applies restrictions to the actions a user can take. For instance, admin roles allow the corresponding user to view, update and delete users for their organisation. This is not possible for other user types.

Consequences

Users who access the service will have different types of access to the different services and functionalities based on their user type and role.

This permissions model will continue to be used, and may be supplemented with more user types and roles as more users and services are added to Monitor Space Hazards.

This page was last reviewed on 29 July 2024. It needs to be reviewed again on 29 July 2025 .
This page was set to be reviewed before 29 July 2025. This might mean the content is out of date.