Configure HotelX Security
Granting Permissions
This topic describes how to configure permissions for a organization using HotelX and Stats.
Before you begin
- Read IAM, which contains information about how TravelgateX manages security
- Read HotelX, which contains information about the HotelX API
Scenario: Organization buying suppliers through HotelX
In this scenario, organanization org_test logs on to TravelgateX in order to use HotelX to buy product from suppliers.
Distribution will be made through 2 different channels, end users will use org_test_B2C_site whereas that org_test_B2B_site will be used for business users. Every channel will be configured separately.
Purchases will be made through accesses access_0 and access_1 which configure credentials for supplier_0 and supplier_1.
Once org_test integrates the HotelX API into their system and is certified, then they need to implement the role permission schema provided by TravelgateX to identify teams and members:
| Team | Members | Description |
|---|---|---|
| CTO | cto@org_test.com | Manage all members and its permissions |
| Development | dev1@org_test.com dev2@org_test.com |
Full access to HotelX and view stats |
| Operations | operation1@org_test.com | Only view stats |
| Backoffice | backoffice1@org_test.com | Permissions to Book, Cancel and Retrive Bookings through HotelX |
A security implementation of this scenario will look similar to the following:
Group hierarchy is organized as:
- 1 organization named org_test
- 1 folder named purchase, which manages all products purchased by org_test:
- HotelX to manage clients, suppliers and accesses
- Stats to view statistics
The IAM policy manages these roles:
- org.owner: All permissions over all organization resources
- hotelx.owner: All permissions over all HotelX resources
- hotelx.booking: Booking permissions (Book, Cancel and Get Bookings) for HotelX operations
- stats.owner: All permissions for all Stats resources
- stats.viewer: View permissions over Stats