--
--  Accesss granted via tags; default is no accesss.
--  Permission must be explicitly granted.
--
--  Access permission is the disjunction of permit tags
--  Tags are split on "AND" to encode conjunction.
--
--  Note that nested routes automatically inherit all tags from the parent.
--
--  Admins always have access to entities within their assigned schools.
--
--  Access Tags:
--    !free       -- free for all
--    !lecturer   -- lecturer    for this course (or the school, if route is not connected to a course)
--    !corrector  -- corrector   for this sheet  (or the submission, if route is connected to a submission, or the course, if route is not connected to a sheet, or any course, if route is not connected to a course)
--    !registered -- participant for this course (no effect outside of courses)
--    !owner      -- part of the group of owners of this submission
--
--    !materials  -- only if course allows all materials to be free (no meaning outside of courses)
--    !time       -- access depends on time somehow
--    !isRead     -- only if it is read-only access (i.e. GET but not POST)
--    !isWrite    -- only if it is write access     (i.e. POST only) why needed???
--
--    !deprecated -- like free, but logs and gives a warning
--

/static StaticR Static appStatic                              !free
/auth   AuthR   Auth   getAuth                                !free

/favicon.ico FaviconR GET                                     !free
/robots.txt RobotsR GET                                       !free

/        HomeR    GET POST                                    !free
/profile ProfileR GET                                         !free
/users   UsersR   GET                                         -- no tags, i.e. admins only

/terms                       TermShowR         GET            !free
/terms/current               TermCurrentR      GET            !free
/terms/edit                  TermEditR         GET POST
/terms/#TermId/edit          TermEditExistR    GET
!/terms/#TermId              TermCourseListR   GET            !free

-- For Pattern Synonyms see Foundation
/course/                    CourseListR       GET             !free
!/course/new                CourseNewR        GET POST        !lecturer
/course/#TermId/#Text       CourseR                           !lecturer:
  /show                       CShowR          GET POST        !free
  /edit                       CEditR          GET POST
  /ex                         SheetListR      GET             !registered !materials
  !/ex/new                    SheetNewR       GET POST
  /ex/#Text SheetR:
    /show                       SShowR        GET             !timeANDregistered !timeANDmaterials !corrector
    !/#SheetFileType/*FilePath  SFileR        GET             !timeANDregistered !timeANDmaterials !corrector
    /edit                       SEditR        GET POST
    /delete                     SDelR         GET POST
    !/sub/new                   SubmissionNewR GET POST        !timeANDregistered
    !/sub/own                   SubmissionOwnR GET             !free
    !/sub/#CryptoFileNameSubmission SubmissionR    GET POST        !owner !corrector


-- TODO below
!/#{ZIPArchiveName SubmissionId} SubmissionDownloadArchiveR GET !deprecated
!/#CryptoFileNameSubmission/*FilePath SubmissionDownloadSingleR GET !deprecated

/submission                 SubmissionListR GET                 !deprecated
/submission/#CryptoUUIDSubmission SubmissionDemoR GET POST      !deprecated
/submissions.zip SubmissionDownloadMultiArchiveR POST           !deprecated
-- TODO above

!/#UUID CryptoUUIDDispatchR GET                               !free -- just redirect
!/*{CI FilePath} CryptoFileNameDispatchR GET                  !free