From c4ae8d549af2826ab9dfc7c249c7c67041a9ef90 Mon Sep 17 00:00:00 2001 From: "Rafael G. Martins" Date: Fri, 21 Feb 2025 23:17:12 +1100 Subject: [PATCH] Add examples of docs to be added --- README.md | 2 -- docs/api/readme.md | 1 + .../access_control_and_ownership.md | 32 +++++++++++++++++++ docs/specifications/readme.me | 6 ++++ 4 files changed, 39 insertions(+), 2 deletions(-) create mode 100644 docs/api/readme.md create mode 100644 docs/specifications/access_control_and_ownership.md create mode 100644 docs/specifications/readme.me diff --git a/README.md b/README.md index b953eea6f..367dda94f 100644 --- a/README.md +++ b/README.md @@ -3,8 +3,6 @@ Vesta is back under active development as of 25 February 2024. We are commited to open source, and will engage with the community to identify the new roadmap for Vesta. Stay tuned! -[![Join the chat at https://gitter.im/vesta-cp/Lobby](https://badges.gitter.im/vesta-cp/Lobby.svg)](https://gitter.im/vesta-cp/Lobby?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) - * Vesta is an open source hosting control panel. * Vesta has a clean and focused interface without the clutter. * Vesta has the latest of very innovative technologies. diff --git a/docs/api/readme.md b/docs/api/readme.md new file mode 100644 index 000000000..81f1d78ff --- /dev/null +++ b/docs/api/readme.md @@ -0,0 +1 @@ +The API documentations will be added here \ No newline at end of file diff --git a/docs/specifications/access_control_and_ownership.md b/docs/specifications/access_control_and_ownership.md new file mode 100644 index 000000000..70a4b3015 --- /dev/null +++ b/docs/specifications/access_control_and_ownership.md 
@@ -0,0 +1,32 @@ +[Back to Specifications](README.md) + +# VestaCP Access Control and Ownership +VestaCP is built on the concept of federated access control and ownership for users. The hierarchy of ownership is as follows: +- **Admin**: The highest level of ownership in VestaCP. The admin has the ability to create and manage users, and assign them to organisations and team. The admin can also create and manage servers, and assign them to organisations and teams. The admin can also create and manage organizations. +- **Organization**: The second level of ownership in VestaCP. An organization can have multiple teams and projects. The organization can also have multiple users under teams. Organizations can be created by the admin. +- **Team**: The third level of ownership in VestaCP. A team can have multiple projects and users. Teams can be created by the admin or organization owner. +- **User**: The lowest level of ownership in VestaCP. A user can be assigned to an organisation or a team and can have access to projects. Users can be created by the admin, organization owner, or team owner. + +## Access Control +Access control in VestaCP is based on the principle of least privilege. The admin, organization owner, and team owner can assign roles to users. Access control relies on a simple role-based access control (RBAC) model. + +## Authentication +VestaCP uses a federated authentication model. Users can authenticate using their email address and password. The admin can also enable two-factor authentication for users. The API only accepts authentication using the header `Authorization: Bearer `. + +*Note: Additional authentication such as SSO, SAML, and OAuth will be part of the roadmap for VestaCP.* + +# VestaCP Access Control and Ownership +VestaCP is built on the concept of federated access control and ownership for users. The hierarchy of ownership is as follows: +- **Admin**: The highest level of ownership in VestaCP. 
The admin has the ability to create and manage users, and assign them to organisations and team. The admin can also create and manage servers, and assign them to organisations and teams. The admin can also create and manage organizations. +- **Organization**: The second level of ownership in VestaCP. An organization can have multiple teams and projects. The organization can also have multiple users under teams. Organizations can be created by the admin. +- **Team**: The third level of ownership in VestaCP. A team can have multiple projects and users. Teams can be created by the admin or organization owner. +- **User**: The lowest level of ownership in VestaCP. A user can be assigned to an organisation or a team and can have access to projects. Users can be created by the admin, organization owner, or team owner. + +## Access Control +Access control in VestaCP is based on the principle of least privilege. The admin, organization owner, and team owner can assign roles to users. Access control relies on a simple role-based access control (RBAC) model. + +## Authentication +VestaCP uses a federated authentication model. Users can authenticate using their email address and password. The admin can also enable two-factor authentication for users. The API only accepts authentication using the header `Authorization: Bearer `. + +*Note: Additional authentication such as SSO, SAML, and OAuth will be part of the roadmap for VestaCP.* + diff --git a/docs/specifications/readme.me b/docs/specifications/readme.me new file mode 100644 index 000000000..10bac3908 --- /dev/null +++ b/docs/specifications/readme.me @@ -0,0 +1,6 @@ +# VestaCP Specifications Documentation +This directory contains the working Documentation for VestaCP + + +## Table of Contents +- [Access Control and Ownership](access_control_and_ownership.md) \ No newline at end of file
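Review bot: In README.md, the removal of the Gitter badge line is unrelated to the commit subject ("Add examples of docs to be added") and is not explained anywhere in the message. Move it to its own commit, or add a line to the commit message saying why the chat link is dropped, so the history accounts for it.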
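Review bot: In docs/api/readme.md, the single added line is a placeholder that ends without a newline ("\ No newline at end of file") and reads "The API documentations will be added here". Suggest "API documentation will be added here." with a trailing newline, and consider naming the file README.md to match the existing top-level README.md.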
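Review bot: In docs/specifications/access_control_and_ownership.md, the whole block from "# VestaCP Access Control and Ownership" through the roadmap note is added twice within the same 32-line hunk; drop the second copy. In the Authentication section, "federated authentication model" sits next to email address and password login while SSO, SAML and OAuth are listed as roadmap items, which reads as contradictory, so state plainly which authentication is supported today. The header example `Authorization: Bearer ` ends with no placeholder for the credential; show one and say what kind of token the API expects. The Access Control section names RBAC and least privilege but lists no roles or what each role may do, the bullets refer to "organization owner" and "team owner" without defining them, and the spelling alternates between "organisation" and "organization".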
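Review bot: docs/specifications/readme.me is created with the extension `.me` where `.md` looks intended, and the new access_control_and_ownership.md links back with `[Back to Specifications](README.md)`, which matches neither the extension nor the lowercase file name. Rename the file to README.md (or fix the link) so the back link resolves and the file renders as Markdown. The file also ends without a trailing newline.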