0.0.1 • Published 8 years ago

@kba/anno-mw-acl-static v0.0.1

Weekly downloads
-
License
MIT
Repository
github
Last release
8 years ago

anno-mw-acl-static

Authorization for anno-stores

ACL Users

  • role: An optional global role of a user
  • id: The user ID such as their homepage or email address
  • perm: An array of objects of collection-specific roles
    • collection: The collection these roles apply to
    • role: The roles

ACL Rules

Rules for authorization are expressed as sift-rule rules and read as JSON from the environment variable ANNO_ACL_RULES.

Rules are an ordered list of CONDITION-RESULT-DESCRIPTION triplets:

  • CONDITION is a sift query on an object encoding the request context
    • method: One of the methods of anno-store
    • anno: The existing annotation
    • newAnno: The new annotation (in case of create, revise)
    • user: The user calling the method, see ACL Users
    • collection: ID of the collection in question. Defaults to default
  • RESULT is true to allow or false to deny the request
  • DESCRIPTION is an optional description of the rule
@kba/anno-aclsift-ruleenvyconf
@infinitebrahmanuniverse/nolb-_kb@everything-registry/sub-chunk-512@zalastax/nolb-_kb
0.0.1

8 years ago