source: TI01-discovery/trunk/OAIInfoEditor/policy.xml @ 5470

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI01-discovery/trunk/OAIInfoEditor/policy.xml@5470
Revision 5470, 2.3 KB checked in by cbyrom, 10 years ago (diff)

Update documentation, adding a section on how to set up the security
+ tidy up the codebase, moving configuration files to the top level
and deleting any app specific data + fix a few links to properly
include the admin parameter + fix an issue with the admin redirection.

Line 
1<?xml version="1.0" encoding="UTF-8"?>
2<Policy PolicyId="AuthZTest" xmlns="urn:ndg:security:authz:1.0:policy">
3    <Description>Restrict access for OAI Editor</Description>
4   
5    <Target>
6        <URIPattern>^\home.*((?!\.css|\.js|\.jpg|\.gif).)*$</URIPattern>
7    </Target>
8    <Target>
9        <URIPattern>^((?!\.css|\.js|\.jpg|\.gif).)*$</URIPattern>
10        <Attributes>
11            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:admin</Attribute>
12            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:bodc</Attribute>
13            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:badc</Attribute>
14        </Attributes>
15        <AttributeAuthority>
16            <uri>https://ndg3beta.badc.rl.ac.uk/AttributeAuthority</uri>
17        </AttributeAuthority>
18    </Target>
19    <!-- NB, admin users cannot access the bare 'home' url - they need to be redirected
20    to the '/home?admin=1' url - add everyone else to this target though -->
21    <Target>
22        <URIPattern>^/home$</URIPattern>
23        <Attributes>
24            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:bodc</Attribute>
25            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:badc</Attribute>
26        </Attributes>
27        <AttributeAuthority>
28            <uri>https://ndg3beta.badc.rl.ac.uk/AttributeAuthority</uri>
29        </AttributeAuthority>
30    </Target>
31    <Target>
32        <URIPattern>^/.*?admin=1$</URIPattern>
33        <Attributes>
34            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:admin</Attribute>
35        </Attributes>
36        <AttributeAuthority>
37            <uri>https://ndg3beta.badc.rl.ac.uk/AttributeAuthority</uri>
38        </AttributeAuthority>
39    </Target>
40    <Target>
41        <URIPattern>^/.*badc$</URIPattern>
42        <Attributes>
43            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:badc</Attribute>
44        </Attributes>
45        <AttributeAuthority>
46            <uri>https://ndg3beta.badc.rl.ac.uk/AttributeAuthority</uri>
47        </AttributeAuthority>
48    </Target>
49    <Target>
50        <URIPattern>^/.*bodc$</URIPattern>
51        <Attributes>
52            <Attribute>urn:badc:security:authz:1.0:attr:oai_editor:bodc</Attribute>
53        </Attributes>
54        <AttributeAuthority>
55            <uri>https://ndg3beta.badc.rl.ac.uk/AttributeAuthority</uri>
56        </AttributeAuthority>
57    </Target>
58</Policy>
Note: See TracBrowser for help on using the repository browser.