Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Add / Edit / Delete -> Resource


// spaces

 EditSpace -->api.Spaces.updateSpace(including updating name, description, External URL, yet this api is not used if you update a space from the web page, it uses controllers.Spaces.submit instead), updateUsers, removeUser, acceptRequest, rejectRequest (all these four are related to users/roles in the space).

 PublicSpace --> when enablePublic = true, used in controllers.Spaces.submit for updating space privacy level. However, this permission doesn't check enablePublic configuration.

 AddResourceToSpace --> add dataset/collection to space, api.Datasets.copyDatasetToSpace. this permission only check from the space side, Permission.checkOwner for dataset & collection is required within the APIs.

 EditStagingArea --> SEAD related permission. All Curation Object, curation Folder and curation file related APIs & controllers should check this permission

 // datasets
 ViewDataset --> api.Datasets.getTags??? ,getPreviews

 EditDataset -> api.Datasets.updateName, updateDescription. controller.Datasets.addFiles????

 PublicDataset --> api.Datasets.updateAccess

 AddResourceToDataset --> all folder related APIs & controllers.


 // collections
 EditCollection --> controller.Collections.previews??

 AddResourceToCollection --> add dataset & child collection

 // files
 AddFile --> api.Previews.upload, setTitle(why not CreatePreview)??

 EditFile --> api.Thumbnail.removeThumbnail

 CreatePreview, // Used by extractors --> api.Thumbnail.uploadThumbnail


 // sections
 DeleteSection, // FIXME: Unused right now
 EditSection, // FIXME: Unused right now

 // metadata
 AddMetadata --> getMetadataDefinitions in api.Datasets & api.Files

 EditMetadata, // FIXME: Unused right now

 // social annotation

READONLY in object Permission contains all permission available for Anonymous users.