Access control in Telerik Platform determines who can access your app data and Business Logic.
These are the security concepts used in Telerik Platform:
Data stored in Telerik Platform is secured through an Access Control List (ACL)-based permissions model. This means that each resource that you want to secure has a list of all security principals that are allowed to access it, along with their access level. This is in contrast to the security model where each security principal stores information on what resources it is allowed to access.
Data resources that you can secure in Telerik Platform include content types and content type items.
Using the data security model is important because it allows you to secure all data access pathways, including the Backend Services RESTful API. Implementing security logic solely at the client app level isn't recommended, because requests that reach the RESTful API directly never pass through that logic.
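The sketch below is an added illustration of the ACL model described above, not Telerik Platform code or its API. The resource keys, principal names, operation names and sample data are all constructed assumptions. It shows the check being made against the list attached to the resource, and the inversion into the contrasting per-principal model.

```python
from collections import defaultdict

# Constructed sample data: each secured resource (a content type or a content
# type item) carries its own list of principals and the operations they may use.
ACLS = {
    ("type", "Invoices"): {
        "role:Accounting": {"read", "create", "update"},
        "role:Auditor": {"read"},
    },
    ("item", "Invoices/42"): {
        "user:alice": {"read", "update", "delete"},
        "role:Auditor": {"read"},
    },
}
# Hypothetical role membership used to resolve a user into principals.
USER_ROLES = {"alice": {"Accounting"}, "bob": {"Auditor"}, "carol": set()}


def principals_for(user):
    """A user acts as their own account plus every role they hold."""
    return {f"user:{user}"} | {f"role:{r}" for r in USER_ROLES.get(user, ())}


def is_allowed(user, resource, operation):
    """Server-side check against the resource's own list.

    Unknown resources and unlisted principals are denied by default.
    """
    acl = ACLS.get(resource, {})
    return any(operation in acl.get(p, ()) for p in principals_for(user))


def who_can(resource, operation):
    """With ACLs, reviewing access to one resource is a single lookup."""
    entries = ACLS.get(resource, {})
    return sorted(p for p, ops in entries.items() if operation in ops)


def per_principal_view(acls):
    """Invert the ACLs into the contrasting model: principal -> resources."""
    view = defaultdict(dict)
    for resource, entries in acls.items():
        for principal, ops in entries.items():
            view[principal][resource] = set(ops)
    return dict(view)


if __name__ == "__main__":
    print(is_allowed("alice", ("type", "Invoices"), "update"))
    print(who_can(("item", "Invoices/42"), "read"))
    print(per_principal_view(ACLS)["role:Auditor"])
```

Because `is_allowed` runs where the data lives, the same decision applies to every caller, whether the request comes from the client app or straight from an HTTP client.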
You can learn about the various components of the Telerik Platform security system in these articles:
- Security principals—User Accounts and Roles
- Type-level permissions—Control which security principals can access a specified content type and what permissions they have
- Item-level permissions—Control which security principals can access a specified content type item and what permissions they have
Your Business Logic uses the same security system as data. You can control which roles can execute Cloud Functions and Stored Procedures.
With Cloud Code for Data you cannot directly set permissions because it inherits the permissions of the security principal that executes the underlying data requests.