forked from vivo-project/Vitro
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Revert everytime/permission_config.n3 removal
- Loading branch information
Showing
1 changed file
with
175 additions
and
0 deletions.
There are no files selected for viewing
175 changes: 175 additions & 0 deletions
175
home/src/main/resources/rdf/auth/everytime/permission_config.n3
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,175 @@ | ||
| # $This file is distributed under the terms of the license in LICENSE$ | ||
|
|
||
| @prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> . | ||
| @prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> . | ||
| @prefix simplePermission: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission#> . | ||
| @prefix displayByRole: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.DisplayByRolePermission#> . | ||
| @prefix editByRole: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.EditByRolePermission#> . | ||
| @prefix publishByRole: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.PublishByRolePermission#> . | ||
|
|
||
| auth:ADMIN | ||
| a auth:PermissionSet ; | ||
| rdfs:label "Site Admin" ; | ||
|
|
||
| # ADMIN-only permissions | ||
| auth:hasPermission simplePermission:AccessSpecialDataModels ; | ||
| auth:hasPermission simplePermission:EnableDeveloperPanel ; | ||
| auth:hasPermission simplePermission:LoginDuringMaintenance ; | ||
| auth:hasPermission simplePermission:ManageMenus ; | ||
| auth:hasPermission simplePermission:ManageProxies ; | ||
| auth:hasPermission simplePermission:ManageSearchIndex ; | ||
| auth:hasPermission simplePermission:ManageUserAccounts ; | ||
| auth:hasPermission simplePermission:RefreshVisualizationCache ; | ||
| auth:hasPermission simplePermission:SeeConfiguration ; | ||
| auth:hasPermission simplePermission:SeeStartupStatus ; | ||
| auth:hasPermission simplePermission:UseAdvancedDataToolsPages ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousAdminPages ; | ||
| auth:hasPermission simplePermission:UseSparqlQueryPage ; | ||
| auth:hasPermission simplePermission:PageViewableAdmin ; | ||
|
|
||
| # Uncomment the following permission line to enable the SPARQL update API. | ||
| # Before enabling, be sure that the URL api/sparqlUpdate is secured by HTTPS, | ||
| # so passwords will not be sent in clear text. | ||
| #auth:hasPermission simplePermission:UseSparqlUpdateApi ; | ||
|
|
||
| # permissions for CURATOR and above. | ||
| auth:hasPermission simplePermission:EditOntology ; | ||
| auth:hasPermission simplePermission:EditSiteInformation ; | ||
| auth:hasPermission simplePermission:SeeVerbosePropertyInformation ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ; | ||
| auth:hasPermission simplePermission:PageViewableCurator ; | ||
|
|
||
| # permissions for EDITOR and above. | ||
| auth:hasPermission simplePermission:DoBackEndEditing ; | ||
| auth:hasPermission simplePermission:SeeIndividualEditingPanel ; | ||
| auth:hasPermission simplePermission:SeeRevisionInfo ; | ||
| auth:hasPermission simplePermission:SeeSiteAdminPage ; | ||
| auth:hasPermission simplePermission:UseIndividualControlPanel ; | ||
| auth:hasPermission simplePermission:PageViewableEditor ; | ||
|
|
||
| # permissions for ANY logged-in user. | ||
| auth:hasPermission simplePermission:DoFrontEndEditing ; | ||
| auth:hasPermission simplePermission:EditOwnAccount ; | ||
| auth:hasPermission simplePermission:ManageOwnProxies ; | ||
| auth:hasPermission simplePermission:QueryUserAccountsModel ; | ||
| auth:hasPermission simplePermission:UseBasicAjaxControllers ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousPages ; | ||
| auth:hasPermission simplePermission:PageViewableLoggedIn ; | ||
|
|
||
| # permissions for ANY user, even if they are not logged in. | ||
| auth:hasPermission simplePermission:QueryFullModel ; | ||
| auth:hasPermission simplePermission:PageViewablePublic ; | ||
|
|
||
| # role-based permissions for ADMIN | ||
| auth:hasPermission displayByRole:Admin ; | ||
| auth:hasPermission editByRole:Admin ; | ||
| auth:hasPermission publishByRole:Admin ; | ||
| . | ||
|
|
||
| auth:CURATOR | ||
| a auth:PermissionSet ; | ||
| rdfs:label "Curator" ; | ||
|
|
||
| # permissions for CURATOR and above. | ||
| auth:hasPermission simplePermission:EditOntology ; | ||
| auth:hasPermission simplePermission:EditSiteInformation ; | ||
| auth:hasPermission simplePermission:SeeVerbosePropertyInformation ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ; | ||
| auth:hasPermission simplePermission:PageViewableCurator ; | ||
|
|
||
| # permissions for EDITOR and above. | ||
| auth:hasPermission simplePermission:DoBackEndEditing ; | ||
| auth:hasPermission simplePermission:SeeIndividualEditingPanel ; | ||
| auth:hasPermission simplePermission:SeeRevisionInfo ; | ||
| auth:hasPermission simplePermission:SeeSiteAdminPage ; | ||
| auth:hasPermission simplePermission:UseIndividualControlPanel ; | ||
| auth:hasPermission simplePermission:PageViewableEditor ; | ||
|
|
||
| # permissions for ANY logged-in user. | ||
| auth:hasPermission simplePermission:DoFrontEndEditing ; | ||
| auth:hasPermission simplePermission:EditOwnAccount ; | ||
| auth:hasPermission simplePermission:ManageOwnProxies ; | ||
| auth:hasPermission simplePermission:QueryUserAccountsModel ; | ||
| auth:hasPermission simplePermission:UseBasicAjaxControllers ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousPages ; | ||
| auth:hasPermission simplePermission:PageViewableLoggedIn ; | ||
|
|
||
| # permissions for ANY user, even if they are not logged in. | ||
| auth:hasPermission simplePermission:QueryFullModel ; | ||
| auth:hasPermission simplePermission:PageViewablePublic ; | ||
|
|
||
| # role-based permissions for CURATOR | ||
| auth:hasPermission displayByRole:Curator ; | ||
| auth:hasPermission editByRole:Curator ; | ||
| auth:hasPermission publishByRole:Curator ; | ||
| . | ||
|
|
||
| auth:EDITOR | ||
| a auth:PermissionSet ; | ||
| rdfs:label "Editor" ; | ||
|
|
||
| # permissions for EDITOR and above. | ||
| auth:hasPermission simplePermission:DoBackEndEditing ; | ||
| auth:hasPermission simplePermission:SeeIndividualEditingPanel ; | ||
| auth:hasPermission simplePermission:SeeRevisionInfo ; | ||
| auth:hasPermission simplePermission:SeeSiteAdminPage ; | ||
| auth:hasPermission simplePermission:UseIndividualControlPanel ; | ||
| auth:hasPermission simplePermission:PageViewableEditor ; | ||
|
|
||
| # permissions for ANY logged-in user. | ||
| auth:hasPermission simplePermission:DoFrontEndEditing ; | ||
| auth:hasPermission simplePermission:EditOwnAccount ; | ||
| auth:hasPermission simplePermission:ManageOwnProxies ; | ||
| auth:hasPermission simplePermission:QueryUserAccountsModel ; | ||
| auth:hasPermission simplePermission:UseBasicAjaxControllers ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousPages ; | ||
| auth:hasPermission simplePermission:PageViewableLoggedIn ; | ||
|
|
||
| # permissions for ANY user, even if they are not logged in. | ||
| auth:hasPermission simplePermission:QueryFullModel ; | ||
| auth:hasPermission simplePermission:PageViewablePublic ; | ||
|
|
||
| # role-based permissions for EDITOR | ||
| auth:hasPermission displayByRole:Editor ; | ||
| auth:hasPermission editByRole:Editor ; | ||
| auth:hasPermission publishByRole:Editor ; | ||
| . | ||
|
|
||
| auth:SELF_EDITOR | ||
| a auth:PermissionSet ; | ||
| a auth:PermissionSetForNewUsers ; | ||
| rdfs:label "Self Editor" ; | ||
|
|
||
| # permissions for ANY logged-in user. | ||
| auth:hasPermission simplePermission:DoFrontEndEditing ; | ||
| auth:hasPermission simplePermission:EditOwnAccount ; | ||
| auth:hasPermission simplePermission:ManageOwnProxies ; | ||
| auth:hasPermission simplePermission:QueryUserAccountsModel ; | ||
| auth:hasPermission simplePermission:UseBasicAjaxControllers ; | ||
| auth:hasPermission simplePermission:UseMiscellaneousPages ; | ||
| auth:hasPermission simplePermission:PageViewableLoggedIn ; | ||
|
|
||
| # permissions for ANY user, even if they are not logged in. | ||
| auth:hasPermission simplePermission:QueryFullModel ; | ||
| auth:hasPermission simplePermission:PageViewablePublic ; | ||
|
|
||
| # role-based permissions for SELF_EDITOR | ||
| # For role-based display and editing, SelfEditor is like Public. | ||
| # SelfEditor uses its special permissions to edit/display its own values. | ||
| auth:hasPermission displayByRole:Public ; | ||
| auth:hasPermission publishByRole:Public ; | ||
| . | ||
|
|
||
| auth:PUBLIC | ||
| a auth:PermissionSet ; | ||
| a auth:PermissionSetForPublic ; | ||
| rdfs:label "Public" ; | ||
|
|
||
| # permissions for ANY user, even if they are not logged in. | ||
| auth:hasPermission simplePermission:QueryFullModel ; | ||
| auth:hasPermission simplePermission:PageViewablePublic ; | ||
|
|
||
| # role-based permissions for PUBLIC | ||
| auth:hasPermission displayByRole:Public ; | ||
| auth:hasPermission publishByRole:Public ; | ||
| . |