Code
/
islandora
7
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
Browse Source

Added two more policies, not necessarily required for all users. 

They both allow access to API-M functions to everyone including
anonymous users.
pull/249/head
Nigel Banks 12 years ago
parent
e5ae847022
commit
3015117fbb
2 changed files with 50 additions and 0 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 25
      policies/permit-getDatastream-unrestricted.xml
  2. 25
      policies/permit-getDatastreamHistory-unrestricted.xml

25
policies/permit-getDatastream-unrestricted.xml
Unescape View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:oasis:names:tc:xacml:1.0:policy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
PolicyId="permit-getDatastreamHistory-to-authenticated"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable">
<Description>Note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated</Description>
<Target>
<Subjects>
<AnySubject/>
</Subjects>
<Resources>
<AnyResource/>
</Resources>
<Actions>
<Action>
<ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:fedora:names:fedora:2.1:action:id-getDatastream</AttributeValue>
<ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string"
AttributeId="urn:fedora:names:fedora:2.1:action:id"/>
</ActionMatch>
</Action>
</Actions>
</Target>
<Rule RuleId="1" Effect="Permit"/>
</Policy>

25
policies/permit-getDatastreamHistory-unrestricted.xml
Unescape View File

@ -0,0 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
<Policy xmlns="urn:oasis:names:tc:xacml:1.0:policy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
PolicyId="permit-getDatastreamHistory-to-authenticated"
RuleCombiningAlgId="urn:oasis:names:tc:xacml:1.0:rule-combining-algorithm:first-applicable">
<Description>Note that other policies may provide exceptions to this broad policy. This policy assumes api-m users have to be authenticated</Description>
<Target>
<Subjects>
<AnySubject/>
</Subjects>
<Resources>
<AnyResource/>
</Resources>
<Actions>
<Action>
<ActionMatch MatchId="urn:oasis:names:tc:xacml:1.0:function:string-equal">
<AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">urn:fedora:names:fedora:2.1:action:id-getDatastreamHistory</AttributeValue>
<ActionAttributeDesignator DataType="http://www.w3.org/2001/XMLSchema#string"
AttributeId="urn:fedora:names:fedora:2.1:action:id"/>
</ActionMatch>
</Action>
</Actions>
</Target>
<Rule RuleId="1" Effect="Permit"/>
</Policy>
Write Preview
Loading…
Cancel
Save