77 lines
4.0 KiB
Plaintext
77 lines
4.0 KiB
Plaintext
--
|
|
-- Accesss granted via tags; default is no accesss.
|
|
-- Permission must be explicitly granted.
|
|
--
|
|
-- Access permission is the disjunction of permit tags
|
|
-- Tags are split on "AND" to encode conjunction.
|
|
--
|
|
-- Note that nested routes automatically inherit all tags from the parent.
|
|
--
|
|
-- Admins always have access to entities within their assigned schools.
|
|
--
|
|
-- Access Tags:
|
|
-- !free -- free for all
|
|
-- !lecturer -- lecturer for this course (or the school, if route is not connected to a course)
|
|
-- !corrector -- corrector for this sheet (or the submission, if route is connected to a submission, or the course, if route is not connected to a sheet, or any course, if route is not connected to a course)
|
|
-- !registered -- participant for this course (no effect outside of courses)
|
|
-- !owner -- part of the group of owners of this submission
|
|
--
|
|
-- !materials -- only if course allows all materials to be free (no meaning outside of courses)
|
|
-- !time -- access depends on time somehow
|
|
-- !isRead -- only if it is read-only access (i.e. GET but not POST)
|
|
-- !isWrite -- only if it is write access (i.e. POST only) why needed???
|
|
--
|
|
-- !deprecated -- like free, but logs and gives a warning; entirely disabled in production
|
|
--
|
|
|
|
/static StaticR Static appStatic !free
|
|
/auth AuthR Auth getAuth !free
|
|
|
|
/favicon.ico FaviconR GET !free
|
|
/robots.txt RobotsR GET !free
|
|
|
|
/ HomeR GET !free
|
|
/users UsersR GET -- no tags, i.e. admins only
|
|
/admin/test AdminTestR GET POST
|
|
/admin/user/#CryptoUUIDUser AdminUserR GET
|
|
|
|
/profile ProfileR GET POST !free !free
|
|
/profile/data ProfileDataR GET !free !free
|
|
|
|
/terms TermShowR GET !free
|
|
/terms/current TermCurrentR GET !free
|
|
/terms/edit TermEditR GET POST
|
|
/terms/#TermId/edit TermEditExistR GET
|
|
!/terms/#TermId TermCourseListR GET !free
|
|
|
|
-- For Pattern Synonyms see Foundation
|
|
/course/ CourseListR GET !free
|
|
!/course/new CourseNewR GET POST !lecturer
|
|
/course/#TermId/#Text CourseR !lecturer:
|
|
/show CShowR GET !free
|
|
/register CRegisterR POST !time
|
|
/edit CEditR GET POST
|
|
/ex SheetListR GET !registered !materials
|
|
!/ex/new SheetNewR GET POST
|
|
/ex/#Text SheetR:
|
|
/show SShowR GET !timeANDregistered !timeANDmaterials !corrector
|
|
!/#SheetFileType/*FilePath SFileR GET !timeANDregistered !timeANDmaterials !corrector
|
|
/edit SEditR GET POST
|
|
/delete SDelR GET POST
|
|
!/sub/new SubmissionNewR GET POST !timeANDregistered
|
|
!/sub/own SubmissionOwnR GET !free
|
|
!/sub/#CryptoFileNameSubmission SubmissionR GET POST !owner !corrector
|
|
|
|
|
|
-- TODO below
|
|
!/#{ZIPArchiveName SubmissionId} SubmissionDownloadArchiveR GET !deprecated
|
|
!/#CryptoFileNameSubmission/*FilePath SubmissionDownloadSingleR GET !deprecated
|
|
|
|
/submission SubmissionListR GET !deprecated
|
|
/submission/#CryptoUUIDSubmission SubmissionDemoR GET POST !deprecated
|
|
/submissions.zip SubmissionDownloadMultiArchiveR POST !deprecated
|
|
-- TODO above
|
|
|
|
!/#UUID CryptoUUIDDispatchR GET !free -- just redirect
|
|
!/*{CI FilePath} CryptoFileNameDispatchR GET !free
|