Project:Tool Access Control/ACNet
Summary
This page aims to scope out the different projects that work together as part of the Access Control Network. The main components are:
- ACNode - The clients that sit on the tool that is being controlled and manage physical access by reading the rfid card.
- ACServer - The server stores the authentication information and pulls membership information from Turing over JSON and stores is at a SQLite DB
- Membership DB - Secured storage of membership data.
TODO
- Add a secondary acnode and test multiple acnode functionality (Sol)
- Move the acserver to a separate VM running on the server downstairs (tgreer + mentar)
- Add a way of adding cached tool useage using POST /[nodeID]/cachedtooluse/[cardID]/[timeUsed]/[timestamp] (mentar + sol)
- Code a basic web ui for adding tools/maintainers/nodes (mentar)
System diagram
<graphviz border='frame' format='png' >
digraph rfboard{ rankdir=TD; size="10,5!"; subgraph cluster_0 {
node [shape=box,style=filled,color=lightgrey]; label = "ACServer";
local_db [label="local db",shape=box]; httpserver [label="HTTP server",shape=box]; httpserver -> local_db; local_db -> httpserver; }
acnode1 [label="ACNode",shape=box]; acnode2 [label="ACNode",shape=box]; acnode3 [label="ACNode",shape=box]; membershipdb [label="Membership DB",shape=box];
acnode1 -> httpserver; acnode2 -> httpserver; acnode3 -> httpserver;
httpserver -> acnode1; httpserver -> acnode2; httpserver -> acnode3;
membershipdb-> httpserver;
} </graphviz>
AC Node
Currently working on Project:Tool_Access_Control/ACNode_Lite
AC Server
2 versions Python Flask implementation started by ms7821 can be located here further improved by asoko (shelved)
PHP CI implementation developed by mentar and Oskar located here (currently active)
Usage: curl http://[server]:[port]/[node_id]/card/[card_id]
For testing it's installed on babbage port 1234
Membership DB
Running on Turing VM slice (hosted outside the space as it has personal data). Accessed in JSON format.
Troubleshooting
The server currently runs in "beta" on babage:1234.
The acserver permission database is synced with our membership database every minute and leaves a heartbeat at /var/log/acserver_update.log. So check the last modified stamp on that and if the heartbeat is returning 1
The application itself is in /var/www/acserver and relies on the local mysql database to work properly also it uses the nginx webserver (leaner, quicker than apache2) so make sure that is running too