--
--  Accesss granted via tags; default is no accesss.
--  Permission must be explicitly granted.
--
--  Access permission is the disjunction of permit tags
--  Tags are split on "AND" to encode conjunction.
--
--  Note that nested routes automatically inherit all tags from the parent.
--
--  Admins always have access to entities within their assigned schools.
--
--  Access Tags:
--    !free        -- free for all
--    !lecturer    -- lecturer    for this course (or the school, if route is not connected to a course)
--    !corrector   -- corrector   for this sheet  (or the submission, if route is connected to a submission, or the course, if route is not connected to a sheet, or any course, if route is not connected to a course)
--    !registered  -- participant for this course (no effect outside of courses)
--    !owner       -- part of the group of owners of this submission
--    !capacity    -- course this route is associated with has at least one unit of participant capacity
--    !empty       -- course this route is associated with has no participants whatsoever
--
--    !materials   -- only if course allows all materials to be free (no meaning outside of courses)
--    !time        -- access depends on time somehow
--    !read        -- only if it is read-only access (i.e. GET but not POST)
--    !write       -- only if it is write access     (i.e. POST only, included for completeness)
--
--    !deprecated  -- like free, but logs and gives a warning; entirely disabled in production
--    !development -- like free, but only for development builds

/static StaticR Static appStatic                              !free
/auth   AuthR   Auth   getAuth                                !free

/favicon.ico FaviconR GET                                     !free
/robots.txt RobotsR GET                                       !free

/                           HomeR             GET             !free
/users                      UsersR            GET             -- no tags, i.e. admins only
/admin/test                 AdminTestR        GET POST
/admin/user/#CryptoUUIDUser AdminUserR        GET             !development
/admin/user/#CryptoUUIDUser/hijack AdminHijackUserR POST
/admin/errMsg               AdminErrMsgR      GET POST
/info                       VersionR          GET             !free
/help                       HelpR             GET POST        !free

/profile                    ProfileR          GET POST        !free
/profile/data               ProfileDataR      GET POST        !free

/authpreds                  AuthPredsR        GET POST        !free

/term                      TermShowR         GET             !free
/term/current              TermCurrentR      GET             !free
/term/edit                 TermEditR         GET POST
/term/#TermId/edit         TermEditExistR    GET
!/term/#TermId             TermCourseListR   GET             !free
!/term/#TermId/#SchoolId   TermSchoolCourseListR  GET             !free

/school                    SchoolListR       GET             !development
/school/#SchoolId          SchoolShowR       GET             !development


-- For Pattern Synonyms see Foundation
/course/                    CourseListR       GET             !free
!/course/new                CourseNewR        GET POST        !lecturer
!/course/new/#{Maybe TermId}/#{Maybe SchoolId}/#{Maybe CourseShorthand}   CourseNewTemplateR GET   !lecturer
/course/#TermId/#SchoolId/#CourseShorthand CourseR          !lecturer:
  /                           CShowR          GET             !free
  /register                   CRegisterR          POST        !timeANDcapacity
  /edit                       CEditR          GET POST
  /delete                     CDeleteR        GET POST        !lecturerANDempty
  /users                      CUsersR         GET
  /user/#CryptoUUIDUser       CUserR          GET             !development
  /correctors                 CHiWisR         GET
  /subs                       CCorrectionsR   GET POST
  /ex                         SheetListR      GET             !registered !materials
  !/ex/new                    SheetNewR       GET POST
  /ex/#SheetName SheetR:
    /                           SShowR        GET             !timeANDregistered !timeANDmaterials !corrector
    /edit                       SEditR        GET POST
    /delete                     SDelR         GET POST
    /subs                       SSubsR        GET POST        -- for lecturer only
    !/subs/new                  SubmissionNewR GET POST       !timeANDregisteredANDuser-submissions
    !/subs/own                  SubmissionOwnR GET            !free -- just redirect
    /subs/#CryptoFileNameSubmission SubmissionR:
      /                         SubShowR      GET POST !ownerANDtime !ownerANDread !correctorANDread
      /archive/#{ZIPArchiveName SubmissionFileType} SubArchiveR                GET      !owner !corrector
      /assign                   SAssignR      GET POST	      !lecturerANDtime
      /correction               CorrectionR   GET POST        !corrector !ownerANDreadANDrated
      !/#SubmissionFileType/*FilePath SubDownloadR           GET      !owner !corrector
    /correctors                 SCorrR        GET POST
    /pseudonym                  SPseudonymR   GET POST        !registeredANDcorrector-submissions
    !/#SheetFileType/*FilePath  SFileR        GET             !timeANDregistered !timeANDmaterials !corrector


/subs  CorrectionsR GET POST !corrector !lecturer
/subs/upload CorrectionsUploadR GET POST !corrector !lecturer
/subs/create CorrectionsCreateR GET POST !corrector !lecturer
/subs/grade CorrectionsGradeR GET POST !corrector !lecturer


/msgs                           MessageListR GET POST
/msg/#{CryptoUUIDSystemMessage} MessageR      GET POST        !timeANDreadANDauthentication


!/#UUID CryptoUUIDDispatchR GET                               !free -- just redirect
-- !/*{CI FilePath} CryptoFileNameDispatchR GET                  !free -- Disabled until preliminary check for valid cID exists