annotator.authz package¶
-
annotator.authz.
acl
()¶ A module that configures and registers an instance of
annotator.identity.AclAuthzPolicy
.
-
class
annotator.authz.
AclAuthzPolicy
¶ An authorization policy that permits actions based on access control lists.
-
annotator.authz.AclAuthzPolicy.prototype.
permits
(action, context, identity)¶ Determines whether the user identified by identity is permitted to perform the specified action in the given context.
If the context has a “permissions” object property, then actions will be permitted if either of the following are true:
- permissions[action] is undefined or null,
- permissions[action] is an Array containing the authorized userid for the given identity.
If the context has no permissions associated with it then all actions will be permitted.
If the annotation has a “user” property, then actions will be permitted only if identity matches this “user” property.
If the annotation has neither a “permissions” property nor a “user” property, then all actions will be permitted.
Parameters: - action (String) – The action to perform.
- context – The permissions context for the authorization check.
- identity – The identity whose authorization is being checked.
Returns Boolean: Whether the action is permitted in this context for this identity.
Returns the authorized userid for the user identified by identity.