
Capabilities


Capabilities in the Platform

Access to resources in the platform is controlled using capabilities. By default, capabilities are assigned to roles, which are identified by URIs. Every store has the following role defined by default:

  • Administrator (http://api.talis.com/stores/{storename}/roles/admin) - has all capabilities

There is a special pseudo role called "Everybody" which represents capabilities granted to all users regardless of any specific roles. Users are assigned roles and may have any number of roles. A user has the capabilities of all their assigned roles. For example, if a "Power User" role for a store has the "Extended Search" and "Harvest" capabilities and an "Updater" role has the "Full Update" capability, then a user with both roles will gain all three capabilities.

Users are defined at the platform level; roles are defined by the store.

By default, all platform services are open to access by Everybody, which means that no authentication is required. When a request is made to a service, the store should check which roles have the capability that the service requires. If the Everybody role does not have the capability, then the service will respond to the request with an authentication challenge (or read authentication information if it was present in the original request).

User authentication information is used to determine the identity of the user. The store then looks up the roles for that user and determines if they have the appropriate capability. If so, the request is actioned as usual. If not, a 403 response is generated. Clients must authenticate using HTTP Digest Authentication.
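The decision flow described above, sketched as an added example (not the platform's own code). The store name `example`, the `power-user` and `updater` role URIs, the users and the restricted Everybody role are constructed, and `user` stands for an identity already verified from Digest credentials.

```python
ALL_CAPS = {"Basic Search", "Extended Search", "Harvest",
            "Versioned Update", "Full Update", "Configure Store"}
EVERYBODY = "Everybody"  # pseudo role; using it as a dict key is an assumption

BASE = "http://api.talis.com/stores/example/roles/"  # constructed store name
# Constructed store configuration: Everybody has been cut down to Basic Search.
ROLE_CAPS = {
    EVERYBODY: {"Basic Search"},
    BASE + "admin": set(ALL_CAPS),
    BASE + "power-user": {"Extended Search", "Harvest"},  # hypothetical role URI
    BASE + "updater": {"Full Update"},                    # hypothetical role URI
}
# Users live at the platform level; the store maps them to its roles (constructed).
USER_ROLES = {"alice": [BASE + "power-user", BASE + "updater"], "bob": []}

# A few (method, path) pairs taken from the capability lists on this page.
REQUIRED = {
    ("GET", "/items"): "Basic Search",
    ("GET", "/services/multisparql"): "Extended Search",
    ("GET", "/snapshots"): "Harvest",
    ("POST", "/meta/changesets"): "Versioned Update",
    ("POST", "/items"): "Full Update",
}

def capabilities_of(user):
    """Union of the capabilities of every role the user holds, plus Everybody."""
    caps = set(ROLE_CAPS[EVERYBODY])
    for role in USER_ROLES.get(user, []):
        caps |= ROLE_CAPS.get(role, set())
    return caps

def decide(method, path, user=None):
    """Return the HTTP status the store would answer with.

    `user` is the verified identity, or None when no credentials were sent.
    """
    needed = REQUIRED.get((method, path))
    if needed is None:
        return 404  # route not mapped in this sketch: refuse rather than allow
    if needed in ROLE_CAPS[EVERYBODY]:
        return 200  # open service, no authentication required
    if user is None:
        return 401  # authentication challenge (HTTP Digest)
    return 200 if needed in capabilities_of(user) else 403
```
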

Capability Definitions

A number of capabilities are defined for stores:

Basic Search

Discovery of data held in the contentbox and metabox.

For example:

  • GET on /items
  • GET and POST on /services/sparql
  • GET on /meta
  • GET on /services/facet
  • GET on /services/augment
  • GET on user-settable configuration - QueryProfile & FieldPredicateMap URIs


Extended Search

Discovery of data held in user graphs.

For example:

  • GET and POST on /services/multisparql
  • GET on /meta/graphs

Harvest

Access to original data in a sequential, exhaustive manner.

For example:

  • GET on /services/oai-pmh
  • GET on /snapshots

Versioned Update

Modifications of data in the metabox with versioned changesets.

For example:

  • POST to /meta/changesets
  • POST to /meta/graphs/<graph>/changesets

Full Update

Posting directly to the metabox, posting to the contentbox, deleting items from the contentbox, and reviewing and scheduling the execution of offline jobs.

For example:

  • POST to /meta/graphs/<graph>
  • POST to /items
  • DELETE to /items/<item>
  • PUT to /items/<item>
  • GET on /jobs
  • GET on /jobs/<job>
  • POST to /jobs
  • DELETE on /jobs/<job>

Configure Store

Altering all aspects of store configuration.

  • PUT to FieldPredicateMap
  • PUT to QueryProfile