From 4c20b99614e334c37572f7ad88539df03de09cc8 Mon Sep 17 00:00:00 2001 From: Johannes Nussbaum Date: Mon, 16 Oct 2023 14:36:41 +0200 Subject: [PATCH] try out infoboxes --- README.md | 34 ++++++++++++++++++++-------------- 1 file changed, 20 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 0160b0e4..4eec77e5 100644 --- a/README.md +++ b/README.md @@ -50,11 +50,13 @@ A user group can have one or more of the following permissions: - `ProjectAdminGroupRestrictedPermission`: is allowed to modify group info and group membership on certain groups of the project - `ProjectAdminRightsAllPermission`: is allowed to change the permissions on all objects belonging to the project -📑 The example file [project_data/F18E/APs_original.json](project_data/F18E/APs_original.json) - -- grants to `knora-admin:ProjectAdmin` the rights to anything on project level, and to create resources of any class. -- grants to `knora-admin:ProjectMember` the rights to create resources of any class. - +> +> [!NOTE] +> The example file [project_data/F18E/APs_original.json](project_data/F18E/APs_original.json) +> +>- grants to `knora-admin:ProjectAdmin` the rights to anything on project level, and to create resources of any class. +>- grants to `knora-admin:ProjectMember` the rights to create resources of any class. +> ## OAPs: Object Access Permissions @@ -101,10 +103,13 @@ There are **built-in groups** and **project specific groups**: **Rights** are mapped to **user groups** using **permission strings** (represented as **scopes** in this repo). -📑 The example file -[project_data/F18E/OAPs_original/resource_XwwqVvWgSmuHRobQubg9uQ.json](project_data/F18E/OAPs_original/resource_XwwqVvWgSmuHRobQubg9uQ.json) -shows that the resource `http://rdfh.ch/0102/XwwqVvWgSmuHRobQubg9uQ` has the rights -`CR knora-admin:ProjectAdmin|D knora-admin:Creator|M knora-admin:ProjectMember|RV knora-admin:UnknownUser,knora-admin:KnownUser`. +> +> **Note** +> The example file +>[project_data/F18E/OAPs_original/resource_XwwqVvWgSmuHRobQubg9uQ.json](project_data/F18E/OAPs_original/resource_XwwqVvWgSmuHRobQubg9uQ.json) +> shows that the resource `http://rdfh.ch/0102/XwwqVvWgSmuHRobQubg9uQ` has the rights +> `CR knora-admin:ProjectAdmin|D knora-admin:Creator|M knora-admin:ProjectMember|RV knora-admin:UnknownUser,knora-admin:KnownUser`. +> ## DOAPs: Default Object Access Permissions @@ -117,11 +122,12 @@ DOAPs are always project-related, but more specifically, they are: - property-related: some properties are public, while other properties are restricted - or a combination of class/property-related -📑 The example file [project_data/F18E/DOAPs_original.json](project_data/F18E/DOAPs_original.json) -encodes the following information: - -- If a `ProjectAdmin` creates a resource, the resource gets the permissions `CR knora-admin:ProjectAdmin|D knora-admin:Creator,knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser`. -- If a `ProjectMember` creates a resource, the resource gets the same permissions. +> **Note** +> The example file [project_data/F18E/DOAPs_original.json](project_data/F18E/DOAPs_original.json) +> encodes the following information: +> +> - If a `ProjectAdmin` creates a resource, the resource gets the permissions `CR knora-admin:ProjectAdmin|D knora-admin:Creator,knora-admin:ProjectMember|V knora-admin:KnownUser,knora-admin:UnknownUser`. +> - If a `ProjectMember` creates a resource, the resource gets the same permissions. ### Precedence rule