Skip to content

Commit 577f297

Browse files
RostislavDuginRostislavDugin
committed
FEATURE (access management): Add access management details & update SVG images
1 parent b0907ef commit 577f297

File tree

23 files changed

+848
-66
lines changed

23 files changed

+848
-66
lines changed

app/access-management/page.tsx

Lines changed: 333 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,333 @@
1+
import type { Metadata } from "next";
2+
import DocsNavbarComponent from "../components/DocsNavbarComponent";
3+
import DocsSidebarComponent from "../components/DocsSidebarComponent";
4+
import DocTableOfContentComponent from "../components/DocTableOfContentComponent";
5+
6+
export const metadata: Metadata = {
7+
title: "Access Management - Postgresus Documentation",
8+
description:
9+
"Learn how to manage access, roles, and permissions in Postgresus. Control who can sign up, create workspaces, and manage databases with workspace-level and system-level roles.",
10+
keywords: [
11+
"Postgresus access management",
12+
"user roles",
13+
"workspace permissions",
14+
"audit logs",
15+
"PostgreSQL backup security",
16+
"team collaboration",
17+
"access control",
18+
"workspace management",
19+
],
20+
openGraph: {
21+
title: "Access Management - Postgresus Documentation",
22+
description:
23+
"Learn how to manage access, roles, and permissions in Postgresus. Control who can sign up, create workspaces, and manage databases with workspace-level and system-level roles.",
24+
type: "article",
25+
url: "https://postgresus.com/access-management",
26+
},
27+
twitter: {
28+
card: "summary",
29+
title: "Access Management - Postgresus Documentation",
30+
description:
31+
"Learn how to manage access, roles, and permissions in Postgresus. Control who can sign up, create workspaces, and manage databases with workspace-level and system-level roles.",
32+
},
33+
alternates: {
34+
canonical: "https://postgresus.com/access-management",
35+
},
36+
robots: "index, follow",
37+
};
38+
39+
export default function AccessManagementPage() {
40+
return (
41+
<>
42+
{/* JSON-LD Structured Data */}
43+
<script
44+
type="application/ld+json"
45+
dangerouslySetInnerHTML={{
46+
__html: JSON.stringify({
47+
"@context": "https://schema.org",
48+
"@type": "TechArticle",
49+
headline: "Access Management - Postgresus Documentation",
50+
description:
51+
"Learn how to manage access, roles, and permissions in Postgresus. Control who can sign up, create workspaces, and manage databases with workspace-level and system-level roles.",
52+
author: {
53+
"@type": "Organization",
54+
name: "Postgresus",
55+
},
56+
publisher: {
57+
"@type": "Organization",
58+
name: "Postgresus",
59+
logo: {
60+
"@type": "ImageObject",
61+
url: "https://postgresus.com/logo.svg",
62+
},
63+
},
64+
}),
65+
}}
66+
/>
67+
68+
<DocsNavbarComponent />
69+
70+
<div className="flex min-h-screen">
71+
{/* Sidebar */}
72+
<DocsSidebarComponent />
73+
74+
{/* Main Content */}
75+
<main className="flex-1 px-4 py-6 sm:px-6 sm:py-8 lg:px-12">
76+
<div className="mx-auto max-w-4xl">
77+
<article className="prose prose-blue max-w-none">
78+
<h1 id="settings">Settings</h1>
79+
80+
<p>
81+
Postgresus is suitable both for single users and teams. This
82+
section is dedicated to the access management for teams.{" "}
83+
<strong>
84+
So if you are the only user in your Postgresus instance
85+
</strong>
86+
, you can skip this section.
87+
</p>
88+
89+
<p>
90+
Postgresus does not have a lot of settings. Actually, it only
91+
allows you to control:
92+
</p>
93+
94+
<ul>
95+
<li>Who can sign up in your Postgresus instance</li>
96+
<li>Who can create workspaces</li>
97+
<li>
98+
Who can manage databases, notifiers and storages within
99+
workspaces
100+
</li>
101+
</ul>
102+
103+
<h2 id="workspaces">Workspaces</h2>
104+
105+
<p>
106+
Workspace is a place where you{" "}
107+
<strong>group databases, notifiers and storages</strong>. You
108+
can add members to workspaces (and create multiple workspaces).
109+
</p>
110+
111+
<p>
112+
You can manage access management per workspace. For example:
113+
</p>
114+
115+
<ul>
116+
<li>
117+
you have a DevOps team responsible for 10 DBs of the project
118+
(so a couple of users inside a workspace);
119+
</li>
120+
<li>
121+
you have 3 different projects with different DBs and storages
122+
(so a couple of workspaces with different users);
123+
</li>
124+
<li>
125+
you have 5 independent DBs where different users can access
126+
each one (so user A has access to DB1, user B has access to
127+
DB2, user C has access to DB3, etc.).
128+
</li>
129+
</ul>
130+
131+
<img
132+
src="/images/access-management/users.png"
133+
alt="Workspaces"
134+
width={550}
135+
className="my-6 rounded-lg border border-gray-200"
136+
loading="lazy"
137+
/>
138+
139+
<p>
140+
If you allow users to sign up for your Postgresus and create
141+
their own workspaces (see{" "}
142+
<a href="#global-settings">global settings</a>), they will be
143+
able to create their own workspaces.
144+
</p>
145+
146+
<p>
147+
<strong>
148+
Users never see other workspaces than their own until they are
149+
invited to join.
150+
</strong>
151+
</p>
152+
153+
<h2 id="audit-logs">Audit logs</h2>
154+
155+
<p>
156+
Audit logs are messages about actions performed by users. They
157+
are needed to track changes and actions performed by users, as
158+
well as to detect any suspicious activity.
159+
</p>
160+
161+
<p>For example:</p>
162+
163+
<ul>
164+
<li>user created a new database</li>
165+
<li>user deleted a database</li>
166+
<li>user initiated a new backup</li>
167+
<li>user downloaded a backup</li>
168+
<li>user created a new notifier</li>
169+
<li>user created a workspace</li>
170+
<li>user deleted a workspace</li>
171+
<li>etc.</li>
172+
</ul>
173+
174+
<p>You can view audit logs with filters:</p>
175+
176+
<ul>
177+
<li>per workspace;</li>
178+
<li>per user (within multiple workspaces);</li>
179+
</ul>
180+
181+
<img
182+
src="/images/access-management/audit-logs.png"
183+
alt="Audit logs"
184+
width={1000}
185+
className="my-6 rounded-lg border border-gray-200"
186+
loading="lazy"
187+
/>
188+
189+
<h2 id="user-roles">User roles</h2>
190+
191+
<p>
192+
All users in Postgresus have roles <u>within the system</u>:
193+
</p>
194+
195+
<table>
196+
<thead>
197+
<tr>
198+
<th>Feature</th>
199+
<th>Admin</th>
200+
<th>Member</th>
201+
</tr>
202+
</thead>
203+
<tbody>
204+
<tr>
205+
<td>Manage all settings and users</td>
206+
<td data-label="Admin"></td>
207+
<td data-label="Member"></td>
208+
</tr>
209+
<tr>
210+
<td>Create workspaces</td>
211+
<td data-label="Admin"></td>
212+
<td data-label="Member">✅ (if allowed by settings)</td>
213+
</tr>
214+
</tbody>
215+
</table>
216+
217+
<p>
218+
Usually, there is only one <code>admin</code> user in the system
219+
which you create when you first launch Postgresus.
220+
</p>
221+
222+
<p>
223+
<u>Within a workspace</u> there are also roles:
224+
</p>
225+
226+
<table>
227+
<thead>
228+
<tr>
229+
<th>Feature</th>
230+
<th>Viewer</th>
231+
<th>Member</th>
232+
<th>Admin</th>
233+
<th>Owner</th>
234+
</tr>
235+
</thead>
236+
<tbody>
237+
<tr>
238+
<td>View databases, notifiers, storages</td>
239+
<td data-label="Viewer"></td>
240+
<td data-label="Member"></td>
241+
<td data-label="Admin"></td>
242+
<td data-label="Owner"></td>
243+
</tr>
244+
<tr>
245+
<td>Initiate and download backups</td>
246+
<td data-label="Viewer"></td>
247+
<td data-label="Member"></td>
248+
<td data-label="Admin"></td>
249+
<td data-label="Owner"></td>
250+
</tr>
251+
<tr>
252+
<td>Manage databases, notifiers, storages</td>
253+
<td data-label="Viewer"></td>
254+
<td data-label="Member"></td>
255+
<td data-label="Admin"></td>
256+
<td data-label="Owner"></td>
257+
</tr>
258+
<tr>
259+
<td>Manage users</td>
260+
<td data-label="Viewer"></td>
261+
<td data-label="Member"></td>
262+
<td data-label="Admin"></td>
263+
<td data-label="Owner"></td>
264+
</tr>
265+
<tr>
266+
<td>Manage admins</td>
267+
<td data-label="Viewer"></td>
268+
<td data-label="Member"></td>
269+
<td data-label="Admin"></td>
270+
<td data-label="Owner"></td>
271+
</tr>
272+
</tbody>
273+
</table>
274+
275+
<p>
276+
Keep in mind: <strong>sensitive data</strong> (passwords,
277+
tokens, etc.) of DBs, storages and notifiers{" "}
278+
<strong>is always hidden from any user</strong>. Nobody can see
279+
secrets after creation.
280+
</p>
281+
282+
<h2 id="global-settings">Global settings</h2>
283+
284+
<p>In global settings there are 3 properties:</p>
285+
286+
<ol>
287+
<li>
288+
<strong>Allow external registrations</strong> - by default,
289+
all users can sign up for your Postgresus (but they still do
290+
not have access to any workspaces until they are invited or
291+
create their own workspaces).
292+
<br />
293+
<br />
294+
If you want to allow only invited users to sign up, you can
295+
disable this option. In this case, the sign up form will be
296+
closed until you invite the user to any of workspaces.
297+
<br />
298+
<br />
299+
To invite users to the workspace, you need to click &quot;Add
300+
user&quot; and enter an email. After this, the user with this
301+
email will be able to complete sign up.
302+
</li>
303+
<li>
304+
<strong>Allow member invitations</strong> - this setting is
305+
needed when external registrations are disabled.
306+
<br />
307+
<br />
308+
Imagine you already have some users and you know they are
309+
reliable (for example, your team). You want to allow them to
310+
invite other users to join Postgresus. In this case, you can
311+
enable this option and they will be able to invite other users
312+
to join workspaces via invitations.
313+
<br />
314+
<br />
315+
If it is disabled, only admins can invite users.
316+
</li>
317+
<li>
318+
<strong>Allow member workspace creation</strong> - by default,
319+
all members can create their own workspaces. If you want to
320+
allow only admins to create workspaces, you can disable this
321+
option.
322+
</li>
323+
</ol>
324+
</article>
325+
</div>
326+
</main>
327+
328+
{/* Table of Contents */}
329+
<DocTableOfContentComponent />
330+
</div>
331+
</>
332+
);
333+
}

app/components/DocTableOfContentComponent.tsx

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ export default function DocTableOfContentComponent() {
7070
return (
7171
<aside className="hidden w-64 border-l border-gray-200 bg-white xl:block">
7272
<div className="sticky top-0 h-screen overflow-y-auto p-6">
73-
<h3 className="mb-4 text-sm font-semibold text-gray-900">
73+
<h3 className="mb-3 text-xs font-semibold uppercase tracking-wide text-gray-500">
7474
On This Page
7575
</h3>
7676
<nav>
@@ -79,15 +79,23 @@ export default function DocTableOfContentComponent() {
7979
<li
8080
key={heading.id}
8181
style={{ paddingLeft: `${(heading.level - 1) * 0.75}rem` }}
82+
className="relative"
8283
>
8384
<button
8485
onClick={() => handleClick(heading.id)}
85-
className={`block w-full text-left transition-colors cursor-pointer hover:text-blue-600 ${
86+
className={`block w-full text-left transition-all duration-200 cursor-pointer relative pl-3 py-0.5 ${
8687
activeId === heading.id
87-
? "font-medium text-blue-600"
88-
: "text-gray-600"
88+
? "text-gray-900 font-normal"
89+
: "text-gray-500 hover:text-gray-900"
8990
}`}
9091
>
92+
<span
93+
className={`absolute left-0 top-0 bottom-0 w-0.5 transition-all duration-200 ${
94+
activeId === heading.id
95+
? "bg-blue-500 opacity-100"
96+
: "bg-gray-300 opacity-0"
97+
}`}
98+
/>
9199
{heading.text}
92100
</button>
93101
</li>

0 commit comments

Comments
 (0)