Mirroristas/CommunitySolidServer
2
0
Fork 0
mirror of https://github.com/CommunitySolidServer/CommunitySolidServer.git synced 2024-10-03 14:55:10 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
c73ef50e48fdf8a1646ca8a77be5c6ffeb5e9562
CommunitySolidServer/config/ldp/authorization/webacl.json
Joachim Van Herwegen b3dd50a593 refactor: Move WAC-Allow configs to ACL-specific config
2022-10-06 09:36:04 +02:00

69 lines
2.7 KiB
JSON
Raw Blame History

{
"@context": "https://linkedsoftwaredependencies.org/bundles/npm/@solid/community-server/^5.0.0/components/context.jsonld",
"import": [
"css:config/ldp/authorization/acl/wac-allow.json",
"css:config/ldp/authorization/readers/acl.json",
"css:config/ldp/authorization/readers/ownership.json"
],
"@graph": [
{
"comment": "Requests permissions on subject resources for auxiliary resources.",
"@id": "urn:solid-server:default:PermissionReader",
"@type": "AuxiliaryReader",
"auxiliaryStrategy": { "@id": "urn:solid-server:default:AuxiliaryStrategy" },
"reader": {
"@type": "UnionPermissionReader",
"readers": [
{
"comment": "This PermissionReader will be used to prevent external access to containers used for internal storage.",
"@id": "urn:solid-server:default:PathBasedReader",
"@type": "PathBasedReader",
"baseUrl": { "@id": "urn:solid-server:default:variable:baseUrl" }
},
{
"@id": "urn:solid-server:default:OwnerPermissionReader",
"@type": "OwnerPermissionReader",
"authStrategy": { "@id": "urn:solid-server:default:AclStrategy" }
},
{
"comment": "Uses Web Access Control for authorization.",
"@id": "urn:solid-server:default:WrappedWebAclReader"
}
]
}
},
{
"comment": "The templates for WAC authorization documents are in the wac subfolder.",
"@id": "urn:solid-server:default:TemplatedResourcesGenerator",
"@type": "SubfolderResourcesGenerator",
"subfolders": [ "wac" ]
},
{
"comment": "Collects the metadata necessary for the WAC-Allow header.",
"@id": "urn:solid-server:default:OperationMetadataCollector",
"@type": "SequenceHandler",
"handlers": [
{ "@type": "WebAclMetadataCollector" }
]
},
{
"comment": "WAC-Allow header indicates available permissions.",
"@id": "urn:solid-server:default:MetadataWriter",
"@type": "ParallelHandler",
"handlers": [
{ "@id": "urn:solid-server:default:MetadataWriter_WacAllow" }
]
},
{
"comment": "In case of WebACL authorization the ACL resources determine authorization.",
"@id": "urn:solid-server:default:AuthResourceHttpHandler",
"@type": "RouterHandler",
"args_baseUrl": { "@id": "urn:solid-server:default:variable:baseUrl" },
"args_targetExtractor": { "@id": "urn:solid-server:default:TargetExtractor" },
"args_allowedMethods": [ "*" ],
"args_allowedPathNames": [ "^/.*\\.acl$" ],
"args_handler": { "@id": "urn:solid-server:default:LdpHandler" }
}
]
}
Reference in New Issue View Git Blame Copy Permalink