Add scope diagrams section with C4 Level 1 and Level 2 diagrams#159
Add scope diagrams section with C4 Level 1 and Level 2 diagrams#159jeremycaine wants to merge 5 commits into
Conversation
| System(client, "Client application", "Requests and manages resources") | ||
| System(lws, "LWS server", "Manages resource hierarchy and access") | ||
| System_Ext(idp, "Identity provider", "Issues signed credentials") | ||
| System_Ext(ext, "External resources", "Web resources under management") |
There was a problem hiding this comment.
What do you mean by "external resources"? Are these the same as the "LWS resources" we defined in the terminology? If so, it might be best to re-use that term.
There was a problem hiding this comment.
| System_Ext(ext, "External resources", "Web resources under management") | |
| System_Ext(ext, "LWS resources", "Web resources under management") |
|
@jeremycaine In various projects I've been using https://likec4.dev/ There's even some work on embedding it in specs |
|
@jeremycaine you can see two different LikeC4 diagrams I've done for LWS in Would you like to coordinate our diagramming efforts? |
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
Co-authored-by: Ted Thibodeau Jr <tthibodeau@openlinksw.com>
acoburn
left a comment
There was a problem hiding this comment.
The LWS protocol intentionally does not have a notion of "external resources". I would remove references to external resources.
| Person(user, "User", "Person accessing resources") | ||
| System(client, "Client application", "Requests and manages resources") | ||
| System_Ext(idp, "Identity provider", "Issues signed credentials") | ||
| System_Ext(ext, "External resources", "Web resources under management") |
There was a problem hiding this comment.
| System_Ext(ext, "External resources", "Web resources under management") | |
| System_Ext(ext, "LWS resources", "Web resources under management") |
| Container(authn, "Authentication", "Validates credential against identity provider") | ||
| Container(authz, "Authorization", "Enforces resource manager access decisions") | ||
| Container(rm, "Resource Management", "Manages containers, containment and linksets") | ||
| Container(era, "External Resource Access", "Mediates access to external web resources") |
There was a problem hiding this comment.
I would remove this line. The LWS protocol does not define any behavior to interact with "external resources"
| Boundary(lws, "LWS server") { | ||
| Container(authn, "Authentication", "Validates credential against identity provider") | ||
| Container(authz, "Authorization", "Enforces resource manager access decisions") | ||
| Container(rm, "Resource Management", "Manages containers, containment and linksets") |
There was a problem hiding this comment.
I would rephrase the description to be "Manages containers, metadata and data resources" (linksets are a particular type of metadata resource that don't need explicit mention)
| Rel(rm, era, "resolves resource") | ||
| Rel(era, ext, "accesses") | ||
| ``` | ||
| Issue: The internal organisation of container, containment, and linkset management within the LWS server is not yet defined in the protocol. This diagram reflects current terminology and is subject to revision. |
There was a problem hiding this comment.
The internal organization is intentionally not defined by the protocol -- that is an implementation detail. I would remove this line.
| </p> | ||
| <figure id="fig-1-system-context"> | ||
| <img src="diagrams/fig-1-system-context.svg" | ||
| alt="LWS Protocol system context diagram showing the user, client application, LWS server, identity provider, and external resources"/> |
There was a problem hiding this comment.
I would remove "external resources" from this description
| </p> | ||
| <figure id="fig-2-container-diagram"> | ||
| <img src="diagrams/fig-2-container-diagram.svg" | ||
| alt="LWS Protocol container diagram showing authentication, authorization, resource management, and external resource access within the LWS server boundary"/> |
There was a problem hiding this comment.
| alt="LWS Protocol container diagram showing authentication, authorization, resource management, and external resource access within the LWS server boundary"/> | |
| alt="LWS Protocol container diagram showing authentication, authorization, and resource management within the LWS server boundary"/> |
|
Following up in discussion I had with @jeremycaine after the WG call. https://w3c.github.io/lws-protocol/lws10-core/#conformance LWS core defines two classes of products
You can find various normative statements with Clients MUST, Clients MAY etc. Given notifications, access requests / grants, indexes / search, more distinct classes of products may need to be defined. This would be out of scope for this PR but something to keep track of in next iterations. I will be adjusting LikeC4 model for #177 to reference those classes of products. I also created |
Editorial - Clarify systems diagram (at least scope/system context; platform independent model)
Preview | Diff