Teleco Demo Application
Pink Mobile is a simple mobile plan management application that demonstrates the basic principles of fine-grained authorization by letting you impersonate three different user personas: Customer, Representative, and Manager.
By utilizing this simple web application based on Node.js, you can learn how to model fine-grained authorization using Permit, and how to enforce policy decisions in your application.
Take a look at the application in action -
Modeling Fine-Grained Authorization
The first step to understanding fine-grained authorization is to find the appropriate policy model for our needs. We will use the plane model to explain the different aspects of policy modeling. Authorization can be divided into several decoupled planes: the control plane (the configuration of the rules), the data plane (the data that helps us make decisions), and the enforcement plane (the actual enforcement of the rules). Decoupling these planes helps us ensure that policies are streamlined and easy to manage.
In the following sections, we will go over each of the planes and see how our application handles them.
While we are using the Permit Node.js SDK to configure permissions, you can also use the Permit dashboard to configure fine-grained authorization for your application.
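To make the plane model concrete, the sketch below keeps the three planes in separate pieces of a small in-memory model. It is an added example, not code from the Pink Mobile application or the Permit SDK; the role permissions, the `plan` resource with its `owner` and `blocked` attributes, and the user keys are all assumptions made for illustration.

```javascript
// Added sketch: the three planes as separate pieces of one in-memory model.
// Role permissions, the "plan" resource, its attributes and all user keys
// are assumptions for illustration, not Pink Mobile's configuration.

// Control plane: rules only. No user or resource facts live here.
const policy = {
  customer: [{ action: "view", resource: "plan", condition: "isOwner" }],
  representative: [
    { action: "view", resource: "plan" },
    { action: "change", resource: "plan", condition: "notBlocked" },
  ],
  manager: [
    { action: "view", resource: "plan" },
    { action: "change", resource: "plan" },
    { action: "block", resource: "plan" },
  ],
};

// Named conditions a rule may reference, evaluated against data-plane facts.
const conditions = {
  isOwner: (user, res) => res.owner === user.key,
  notBlocked: (_user, res) => res.blocked === false,
};

// Data plane: the facts a decision needs (who has which role, who owns what).
const data = {
  users: new Map([
    ["alice", { key: "alice", role: "customer" }],
    ["rita", { key: "rita", role: "representative" }],
    ["mona", { key: "mona", role: "manager" }],
  ]),
  plans: new Map([
    ["plan-1", { owner: "alice", blocked: false }],
    ["plan-2", { owner: "bob", blocked: false }],
  ]),
};

// Enforcement plane: the single call the application makes. Deny by default.
function check(userKey, action, planKey) {
  const user = data.users.get(userKey);
  const plan = data.plans.get(planKey);
  if (!user || !plan || !Object.hasOwn(policy, user.role)) return false;
  return policy[user.role].some((rule) => {
    if (rule.action !== action || rule.resource !== "plan") return false;
    if (!rule.condition) return true;
    const cond = conditions[rule.condition];
    return typeof cond === "function" ? cond(user, plan) : false; // fail closed
  });
}
```

Changing a fact in `data` or a rule in `policy` changes the decision without touching `check`, which is the decoupling the plane model is meant to provide.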
Control Plane
The control plane is where all the policy rules and the entities required to create fine-grained rules are configured. Here's a diagram with the entities used in our application:
You can view the full configuration in the setup.js file.
Let's go over each of the entities and see how we configured them in our application: