...
Gliffy Diagram name Fedora WebAC Request Authorization Flow
Example Scenarios
I want to allow a user with username "smith123" to have read, write access to resource resource http://localhost:8080/rest/webacl_box1.
Using these two "files" to create our Authorization and ACL resources.
Code Block title Acl.ttl @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix ldp: <http://www.w3.org/ns/ldp#> . <> a ldp:BasicContainer ; rdf:type ???:WebAcl .
Code Block title Authorization.ttl @prefix acl: <http://www.w3.org/ns/auth/acl#> . @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix ldp: <http://www.w3.org/ns/ldp#> . <> a ldp:RDFSource ; rdf:type acl:Authorization ; acl:agent "smith123" ; acl:mode acl:Read, acl:Write ; acl:accessTo <http://localhost:8080/rest/webacl_box1> .
We would execute the following commands.
Code Block > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest" http://localhost:8080/rest/new/node/acl > curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/new/node/acl/auth1" http://localhost:8080/rest/new/node/acl/auth1 > echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#> INSERT INTO { <> acl:accessControl <http://localhost:8080/rest/new/node/acl> . }" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/webacl_box1"
I
wants this group to have write access on this collectionwant to let the group "Editors" have write access on all the items in the collection "http://localhost:8080/rest/box/bag/collection"
Using the below two "files",Code Block title Acl.ttl @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix ldp: <http://www.w3.org/ns/ldp#> . <> a ldp:BasicContainer ; rdf:type ???:WebAcl .
Code Block title Authorization.ttl @prefix acl: <http://www.w3.org/ns/auth/acl#> . @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> . @prefix ldp: <http://www.w3.org/ns/ldp#> . <> a ldp:RDFSource ; rdf:type acl:Authorization ; acl:agent "Editors" ; acl:mode acl:Read, acl:Write ; acl:accessTo <http://localhost:8080/rest/box/bag/collection> .
We would execute the following commands.
Code Block > curl -X POST -H "Content-type: text/turtle" --data-binary "@Acl.ttl" "http://localhost:8080/rest" http://localhost:8080/rest/acl > curl -X PUT -H "Content-type: text/turtle" --data-binary "@Authorization.ttl" "http://localhost:8080/rest/acl/auth1" http://localhost:8080/rest/acl/auth1 > echo "PREFIX acl: <http://www.w3.org/ns/auth/acl#> INSERT INTO { <> acl:accessControl <http://localhost:8080/rest/acl> . }" | curl -X PATCH -H "Content-type: application/sparql-update" --upload-file - "http://localhost:8080/rest/box/bag/collection"
....