233 lines
15 KiB
Plaintext
233 lines
15 KiB
Plaintext
--
|
|
-- Accesss granted via tags; default is no accesss.
|
|
-- Permission must be explicitly granted.
|
|
--
|
|
-- Access permission is the disjunction of permit tags
|
|
-- Tags are split on "AND" to encode conjunction.
|
|
--
|
|
-- Note that nested routes automatically inherit all tags from the parent.
|
|
--
|
|
-- Admins always have access to entities within their assigned schools.
|
|
--
|
|
-- Access Tags:
|
|
-- !free -- free for all
|
|
-- !lecturer -- lecturer for this course (or for any school, if route is not connected to a course)
|
|
-- !corrector -- corrector for this sheet (or the submission, if route is connected to a submission, or the course, if route is not connected to a sheet, or any course, if route is not connected to a course)
|
|
-- !course-registered -- participant for this course (no effect outside of courses)
|
|
-- !tutorial-registered -- participant for this tutorial (no effect outside of courses)
|
|
-- !participant -- connected with a given course (not necessarily registered), i.e. has a submission, is a corrector, etc. (no effect outside of courses)
|
|
--
|
|
-- !register-group -- user is member in no other tutorial with same register group
|
|
--
|
|
-- !owner -- part of the group of owners of this submission
|
|
-- !self -- route refers to the currently logged in user themselves
|
|
-- !capacity -- course this route is associated with has at least one unit of participant capacity
|
|
-- !empty -- course this route is associated with has no participants whatsoever
|
|
--
|
|
-- !is-ldap -- user has authentication mode set to LDAP
|
|
-- !is-pw-hash -- user has authentication mode set to PWHash
|
|
--
|
|
-- !materials -- only if course allows all materials to be free (no meaning outside of courses)
|
|
-- !time -- access depends on time somehow
|
|
-- !read -- only if it is read-only access (i.e. GET but not POST)
|
|
-- !write -- only if it is write access (i.e. POST only, included for completeness)
|
|
--
|
|
-- !no-escalation --
|
|
-- !deprecated -- like free, but logs and gives a warning; entirely disabled in production
|
|
-- !development -- like free, but only for development builds
|
|
|
|
/static StaticR EmbeddedStatic appStatic !free
|
|
/auth AuthR Auth getAuth !free
|
|
|
|
/metrics MetricsR GET
|
|
|
|
/ NewsR GET !free
|
|
/users UsersR GET POST -- no tags, i.e. admins only
|
|
/users/#CryptoUUIDUser AdminUserR GET POST
|
|
/users/#CryptoUUIDUser/delete AdminUserDeleteR POST
|
|
/users/#CryptoUUIDUser/hijack AdminHijackUserR POST !adminANDno-escalation
|
|
/users/#CryptoUUIDUser/notifications UserNotificationR GET POST !self
|
|
/users/#CryptoUUIDUser/password UserPasswordR GET POST !selfANDis-pw-hash
|
|
!/users/functionary-invite/new AdminNewFunctionaryInviteR GET POST
|
|
!/users/functionary-invite AdminFunctionaryInviteR GET POST
|
|
!/users/add AdminUserAddR GET POST
|
|
/admin AdminR GET
|
|
/admin/features AdminFeaturesR GET POST
|
|
/admin/test AdminTestR GET POST
|
|
/admin/errMsg AdminErrMsgR GET POST
|
|
/admin/tokens AdminTokensR GET POST
|
|
|
|
/health HealthR GET !free
|
|
/instance InstanceR GET !free
|
|
/info InfoR GET !free
|
|
/info/lecturer InfoLecturerR GET !lecturer
|
|
/info/legal LegalR GET !free
|
|
/info/allocation InfoAllocationR GET !free
|
|
/info/glossary GlossaryR GET !free
|
|
/version VersionR GET !free
|
|
|
|
/help HelpR GET POST !free
|
|
|
|
/user ProfileR GET POST !free
|
|
/user/profile ProfileDataR GET !free
|
|
/user/authpreds AuthPredsR GET POST !free
|
|
/user/set-display-email SetDisplayEmailR GET POST !free
|
|
/user/csv-options CsvOptionsR GET POST !free
|
|
/user/lang LangR POST !free
|
|
/user/storage-key StorageKeyR POST !free
|
|
|
|
/exam-office ExamOfficeR !exam-office:
|
|
/ EOExamsR GET
|
|
/fields EOFieldsR GET POST
|
|
/users EOUsersR GET POST
|
|
/users/invite EOUsersInviteR GET POST
|
|
|
|
/external-exam EExamListR GET !lecturer !¬empty
|
|
/external-exam/new EExamNewR GET POST !lecturer
|
|
/external-exam/#TermId/#SchoolId/#CourseName/#ExamName EExamR !lecturer:
|
|
/ EEShowR GET !exam-office !exam-result
|
|
/edit EEEditR GET POST
|
|
/users EEUsersR GET POST
|
|
/grades EEGradesR GET POST !exam-office
|
|
/staff-invite EEStaffInviteR GET POST
|
|
|
|
|
|
/term TermShowR GET !free
|
|
/term/current TermCurrentR GET !free
|
|
/term/edit TermEditR GET POST
|
|
/term/#TermId/edit TermEditExistR GET POST
|
|
!/term/#TermId TermCourseListR GET !free
|
|
!/term/#TermId/#SchoolId TermSchoolCourseListR GET !free
|
|
|
|
/school SchoolListR GET
|
|
!/school/new SchoolNewR GET POST
|
|
/school/#SchoolId SchoolR:
|
|
/ SchoolEditR GET POST
|
|
|
|
/allocation/ AllocationListR GET !free
|
|
/allocation/#TermId/#SchoolId/#AllocationShorthand AllocationR:
|
|
/ AShowR GET !free
|
|
/register ARegisterR POST !time
|
|
/course/#CryptoUUIDCourse/apply AApplyR POST !timeANDallocation-registered
|
|
/users AUsersR GET POST !allocation-admin
|
|
/priorities APriosR GET POST !allocation-admin
|
|
/compute AComputeR GET POST !allocation-admin
|
|
/accept AAcceptR GET POST !allocation-admin
|
|
|
|
/participants ParticipantsListR GET !evaluation
|
|
/participants/#TermId/#SchoolId ParticipantsR GET !evaluation
|
|
/participants/intersect ParticipantsIntersectR GET POST !evaluation
|
|
|
|
|
|
-- For Pattern Synonyms see Foundation
|
|
/course/ CourseListR GET !free
|
|
!/course/new CourseNewR GET POST !lecturer
|
|
/course/#TermId/#SchoolId/#CourseShorthand CourseR !lecturer:
|
|
/ CShowR GET !free
|
|
/favourite CFavouriteR POST
|
|
/register CRegisterR GET POST !timeANDcapacityANDallocation-timeAND¬course-registered !timeANDallocation-timeAND¬exam-resultANDcourse-registered !lecturerANDallocation-time
|
|
/register-template CRegisterTemplateR GET !free
|
|
/edit CEditR GET POST
|
|
/lecturer-invite CLecInviteR GET POST
|
|
/delete CDeleteR GET POST !lecturerANDemptyANDallocation-time
|
|
/users CUsersR GET POST
|
|
!/users/new CAddUserR GET POST !lecturerANDallocation-time
|
|
!/users/invite CInviteR GET POST
|
|
/users/#CryptoUUIDUser CUserR GET POST !lecturerANDparticipant !lecturerANDapplicant
|
|
/correctors CHiWisR GET
|
|
/communication CCommR GET POST
|
|
/notes CNotesR GET POST !corrector -- THIS route is used to check for overall course corrector access!
|
|
/exam-office CExamOfficeR GET POST !course-registered
|
|
/subs CCorrectionsR GET POST
|
|
/subs/assigned CAssignR GET POST
|
|
/sheet SheetListR GET !course-registered !materials !corrector
|
|
/sheet/new SheetNewR GET POST
|
|
/sheet/current SheetCurrentR GET !course-registered !materials !corrector
|
|
/sheet/unassigned SheetOldUnassignedR GET
|
|
/sheet/#SheetName SheetR:
|
|
/show SShowR GET !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
|
|
/show/download SArchiveR GET !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
|
|
/edit SEditR GET POST
|
|
/delete SDelR GET POST
|
|
/subs SSubsR GET POST -- for lecturer only
|
|
!/subs/new SubmissionNewR GET POST !timeANDcourse-registeredANDuser-submissions
|
|
!/subs/own SubmissionOwnR GET !free -- just redirect
|
|
!/subs/assign SAssignR GET POST !lecturerANDtime
|
|
/subs/#CryptoFileNameSubmission SubmissionR:
|
|
/ SubShowR GET POST !ownerANDtimeANDuser-submissions !ownerANDread !correctorANDread
|
|
/delete SubDelR GET POST !ownerANDtimeANDuser-submissions
|
|
/assign SubAssignR GET POST !lecturerANDtime
|
|
/correction CorrectionR GET POST !corrector !ownerANDreadANDrated
|
|
/invite SInviteR GET POST !ownerANDtimeANDuser-submissions
|
|
!/#SubmissionFileType SubArchiveR GET !owner !corrector
|
|
!/#SubmissionFileType/*FilePath SubDownloadR GET !owner !corrector
|
|
/iscorrector SIsCorrR GET !corrector -- Route is used to check for corrector access to this sheet
|
|
/pseudonym SPseudonymR GET POST !course-registeredANDcorrector-submissions
|
|
/corrector-invite/ SCorrInviteR GET POST
|
|
!/#SheetFileType SZipR GET !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
|
|
!/#SheetFileType/*FilePath SFileR GET !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
|
|
/file MaterialListR GET !course-registered !materials !corrector !tutor
|
|
/file/new MaterialNewR GET POST
|
|
/file/#MaterialName MaterialR:
|
|
/edit MEditR GET POST
|
|
/delete MDelR GET POST
|
|
/show MShowR GET !timeANDcourse-registered !timeANDmaterials !corrector !tutor
|
|
!/download MArchiveR GET !timeANDcourse-registered !timeANDmaterials !corrector !tutor
|
|
!/download/*FilePath MFileR GET !timeANDcourse-registered !timeANDmaterials !corrector !tutor
|
|
/tuts CTutorialListR GET !tutor -- THIS route is used to check for overall course tutor access!
|
|
/tuts/new CTutorialNewR GET POST
|
|
/tuts/#TutorialName TutorialR:
|
|
/edit TEditR GET POST !tutorANDtutor-control
|
|
/delete TDeleteR GET POST
|
|
/participants TUsersR GET POST !tutor
|
|
/register TRegisterR POST !timeANDcapacityANDcourse-registeredANDregister-group !timeANDtutorial-registered
|
|
/communication TCommR GET POST !tutor
|
|
/tutor-invite TInviteR GET POST !tutorANDtutor-control
|
|
/exams CExamListR GET !free
|
|
/exams/new CExamNewR GET POST
|
|
/exams/#ExamName ExamR:
|
|
/show EShowR GET !time !exam-office
|
|
/edit EEditR GET POST
|
|
/corrector-invite ECInviteR GET POST
|
|
/users EUsersR GET POST
|
|
/users/new EAddUserR GET POST
|
|
/users/invite EInviteR GET POST
|
|
/register ERegisterR POST !timeANDcourse-registeredAND¬exam-registered !timeANDexam-registeredAND¬exam-result
|
|
/register/#ExamOccurrenceName ERegisterOccR POST !exam-occurrence-registrationANDtimeANDcapacityANDcourse-registeredAND¬exam-occurrence-registered !exam-occurrence-registrationANDtimeANDexam-occurrence-registeredAND¬exam-result
|
|
/grades EGradesR GET POST !exam-office
|
|
/assign-occurrences EAutoOccurrenceR POST
|
|
/correct ECorrectR GET POST !exam-correctorANDtime
|
|
/apps CApplicationsR GET POST
|
|
!/apps/files CAppsFilesR GET
|
|
/apps/#CryptoFileNameCourseApplication CourseApplicationR:
|
|
/ CAEditR GET POST !timeANDself !lecturerANDstaff-time !selfANDread
|
|
/files CAFilesR GET !self !lecturerANDstaff-time
|
|
!/news/add CNewsNewR GET POST
|
|
/news/#CryptoUUIDCourseNews CourseNewsR:
|
|
/ CNShowR GET !timeANDparticipant
|
|
/edit CNEditR GET POST
|
|
/delete CNDeleteR GET POST
|
|
!/download CNArchiveR GET !timeANDparticipant
|
|
!/download/*FilePath CNFileR GET !timeANDparticipant
|
|
!/events/add CEventsNewR GET POST
|
|
/events/#CryptoUUIDCourseEvent CourseEventR:
|
|
/edit CEvEditR GET POST
|
|
/delete CEvDeleteR GET POST
|
|
|
|
|
|
/subs CorrectionsR GET POST !corrector !lecturer
|
|
/subs/upload CorrectionsUploadR GET POST !corrector !lecturer
|
|
/subs/create CorrectionsCreateR GET POST !corrector !lecturer
|
|
/subs/grade CorrectionsGradeR GET POST !corrector !lecturer
|
|
/subs/download CorrectionsDownloadR GET !corrector !lecturer
|
|
|
|
|
|
/msgs MessageListR GET POST
|
|
/msg/#{CryptoUUIDSystemMessage} MessageR GET POST !timeANDreadANDauthentication
|
|
/msg/#{CryptoUUIDSystemMessage}/hide MessageHideR POST !timeANDauthentication
|
|
|
|
!/#UUID CryptoUUIDDispatchR GET !free -- just redirect
|
|
-- !/*{CI FilePath} CryptoFileNameDispatchR GET !free -- Disabled until preliminary check for valid cID exists
|
|
|
|
!/*WellKnownFileName WellKnownR GET !free
|