Users & Groups
Honeyframe's access control model has two independent axes:
Permissions Reference
Honeyframe is in the middle of a transition between two authorization layers:
LDAP Configuration
Runtime LDAP integration is Phase 4 of the RBAC rollout. As of v0.0.x, Honeyframe authenticates against hubstudio.users only. There is no LDAP login path, no group sync, and no LDAP-backed attribute mapping in the deployed product.
Audit Logging
Honeyframe records security-relevant events to a single append-only table. The audit log is the canonical record of "who did what when" — administrators view it through the platform UI, and operators can forward it to a SIEM via direct database access.
Data Policies
Honeyframe applies column-level masking to query results based on the column's classification, the user's role, and any masking policies attached to the dataset or organization. Masking is enforced post-query in Python so it works uniformly across every connector (PostgreSQL, Oracle, MySQL, MSSQL, etc.) without connector-specific SQL.