diff --git a/docs/src/content/docs/fr-ca/getting-started/auth.mdx b/docs/src/content/docs/fr-ca/getting-started/auth.mdx new file mode 100644 index 00000000..c86f5888 --- /dev/null +++ b/docs/src/content/docs/fr-ca/getting-started/auth.mdx @@ -0,0 +1,85 @@ +--- +title: Authentication & Authorization +--- + +Castopod handles authentication and authorization using `codeigniter/shield` +coupled with custom rules. Roles and permissions are defined at two levels: + +1. [instance wide](#1-instance-wide-roles-and-permissions) +2. [per podcast](#2-per-podcast-roles-and-permissions) + +## 1. Instance wide roles and permissions + +### Instance roles + +{/_ AUTH-INSTANCE-ROLES-LIST:START - Do not remove or modify this section _/} + +| role | description | permissions | +| ----------- | ----------------------------------- | ------------------------------------------------------------------------------------------------------ | +| Super admin | Has complete control over Castopod. | admin.\*, plugins.\*, podcasts.\*, users.manage, persons.manage, pages.manage, fediverse.manage-blocks | +| Manager | Manages Castopod's content. | podcasts.create, podcasts.import, persons.manage, pages.manage | +| Podcaster | General users of Castopod. | admin.access | + +{/_ AUTH-INSTANCE-ROLES-LIST:END _/} + +### Instance permissions + +{/_ AUTH-INSTANCE-PERMISSIONS-LIST:START - Do not remove or modify this section _/} + +| permission | description | +| ----------------------- | ------------------------------------------------------------------ | +| admin.access | Can access the Castopod admin area. | +| admin.settings | Can access the Castopod settings. | +| plugins.manage | Auth.instance_permissions.plugins.manage | +| users.manage | Can manage Castopod users. | +| persons.manage | Can manage persons. | +| pages.manage | Can manage pages. | +| podcasts.view | Can view all podcasts. | +| podcasts.create | Can create new podcasts. | +| podcasts.import | Can import podcasts. | +| fediverse.manage-blocks | Can block fediverse actors/domains from interacting with Castopod. | + +{/_ AUTH-INSTANCE-PERMISSIONS-LIST:END _/} + +## 2. Per podcast roles and permissions + +### Per podcast roles + +{/_ AUTH-PODCAST-ROLES-LIST:START - Do not remove or modify this section _/} + +| role | description | permissions | +| ------ | ----------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | +| Admin | Has complete control of podcast #{id}. | \* | +| Editor | Manages content and publications of podcast #{id}. | view, edit, manage-import, manage-persons, manage-platforms, manage-publications, manage-notifications, interact-as, episodes.view, episodes.create, episodes.edit, episodes.delete, episodes.manage-persons, episodes.manage-clips, episodes.manage-publications, episodes.manage-comments | +| Author | Manages content of podcast #{id} but cannot publish them. | view, manage-persons, episodes.view, episodes.create, episodes.edit, episodes.manage-persons, episodes.manage-clips | +| Guest | General contributor of the podcast #{id}. | view, episodes.view | + +{/_ AUTH-PODCAST-ROLES-LIST:END _/} + +### Per podcast permissions + +{/_ AUTH-PODCAST-PERMISSIONS-LIST:START - Do not remove or modify this section _/} + +| permission | description | +| ---------------------------- | -------------------------------------------------------------------------- | +| view | Can view dashboard and analytics of podcast #{id}. | +| edit | Can edit podcast #{id}. | +| delete | Can delete podcast #{id}. | +| manage-import | Can synchronize imported podcast #{id}. | +| manage-persons | Can manage subscriptions of podcast #{id}. | +| manage-subscriptions | Can manage subscriptions of podcast #{id}. | +| manage-contributors | Can manage contributors of podcast #{id}. | +| manage-platforms | Can set/remove platform links of podcast #{id}. | +| manage-publications | Can publish podcast #{id}. | +| manage-notifications | Can view and mark notifications as read for podcast #{id}. | +| interact-as | Can interact as the podcast #{id} to favourite, share or reply to posts. | +| episodes.view | Can view dashboards and analytics of podcast #{id}'s episodes. | +| episodes.create | Can create episodes for podcast #{id}. | +| episodes.edit | Can edit episodes of podcast #{id}. | +| episodes.delete | Can delete episodes of podcast #{id}. | +| episodes.manage-persons | Can manage episode persons of podcast #{id}. | +| episodes.manage-clips | Can manage video clips or soundbites of podcast #{id}. | +| episodes.manage-publications | Can publish/unpublish episodes and posts of podcast #{id}. | +| episodes.manage-comments | Can create/remove episode comments of podcast #{id}. | + +{/_ AUTH-PODCAST-PERMISSIONS-LIST:END _/}