Auth: Lister

The Auth: Lister Web service is used to:


 * Get the list of all the datasets accessible to a user
 * Get the list of all the datasets accessible to a group
 * Get the list of all groups where a given user is a member
 * Get the list of all groups that have access to a given dataset
 * Get the list of all groups

This Web service is used to list all the things that are registered / authenticated in a Web Service Framework network.

Developers communicate with the Authentication: Lister Web service using the HTTP GET method. You may request one of the following mime types: (1) text/xml, (2) application/rdf+xml, (3) application/rdf+n3 or (4) application/json. The content returned by the Web service will be serialized using the mime type requested and the data returned will depend on the parameters selected.

Version
This documentation page is used for the version 3 of this endpoint. Check at the top of this page to see the documentation pages for the other versions of this endpoint.

Usage
This Web service is intended to be used by content management systems, developers or administrators to manage access to WSF (Web Service Framework) resources (users, datasets, Web services endpoints).

Read more about how the OSF Web Services access permissions works by reading this page...

Web Service Endpoint Information
This section describes all you permissions you need in the WSF (Web Service Framework) to send a query to this Web service endpoint, and it describes how to access it.

To access this Web service endpoint you need the proper CRUD (Create, Read, Update and Delete) permissions on a specific graph (dataset) of the WSF. Without the proper permissions on this graph you won't be able to send any queries to the endpoint.

Needed registered CRUD permission:


 * Create: False
 * Read: True
 * Update: False
 * Delete: False

As shown on the graph URI:


 * http://[...]/wsf/

Here is the information needed to communicate with this Web service's endpoint. Descriptions of the parameters are included below.

Note: if a parameter has a default value, the requester can omit it and the default value will be used. Also, some baseline Web services may not offer other values than the default.

HTTP method:


 * GET

Possible "Accept:" HTTP header field value:


 * text/xml (structXML)
 * application/json (structJSON)
 * application/rdf+xml (RDF+XML)
 * application/rdf+n3 (N3/Turtle)
 * application/iron+json (irJSON)
 * application/iron+csv (commON)

URI:


 * http://[...]/ws/auth/lister/?mode=&dataset=&target_webservice=&group=&interface=&version=

URI dynamic parameters description:

Note: All parameters have to be URL-encoded

Note 2: The user URI is defined as part of the  HTTP header variable.


 * mode. One of:


 * "dataset (default)": List all datasets URI accessible by a user
 * "ws": List all Web services registered in a WSF
 * "groups": List all existing groups
 * "group_users": List all users that belongs to a group
 * "user_groups": List all groups URI for which the user is a member
 * "access_dataset": List all the group URIs and their CRUD permissions for a given dataset URI
 * "access_user": List all datasets URI and CRUD permissions accessible by a user based on its groups


 * dataset. URI referring to a target dataset. Needed when param1 = "access_dataset". Otherwise this parameter as to be omitted.
 * target_webservice. Determine on what web service URI(s) we should focus on for the listing of the access records. This parameter is used to improve the performance of the web service endpoint depending on the use case. If there are numerous datasets with a numerous number of access permissions defined for each of them, properly using this parameter can have a dramatic impact on the performances. This parameter should be used if the param1 = "access_dataset" or param1 = "access_user" This parameter can have any of these values:
 * "all" (default): all the web service endpoints URIs for each access records will be taken into account and returned to the user (may be more time consuming).
 * "none": no web service URI, for any access record, will be returned.
 * group. Target Group URI. Needed when param1 = "groups_users". Otherwise this parameter as to be omitted.
 * interface. Source interface used for this web service query. The interface is a different way to process a query (different algorithms, different data management system, etc. The default interface is 'default'
 * version. (default: 3.0) Version of the interface to query

Available Sources Interfaces
A source interface is a way to process a web service query. Different sources interfaces can be implemented for the same OSF Web Services web service endpoint. Each interface will process the query differently, but all the queries to the web service endpoint will be the same, at the exception of the  parameter. Each interface shares the same API (the one defined by the web service endpoint), but their processing may differ (like using different algorithms, using different data management systems, etc.)

This is a list of the core interfaces for this endpoint. Organizations that hosts a OSF Web Services network could create their own interface and make it available to the users. However such private source interface won't be part of this list, but should be publicized by the organization.

Example of Returned XML Document
This is an example of the XML document returned by this Web service endpoint for a given URI. This example returns a list of datasets accessible by a given user IP.

Query:


 * http://[...]/ws/auth/lister/?mode=access_user

"Accept:" HTTP header field value:


 * text/xml

Result:

Descriptions of the Types of XML Elements
Here are descriptions of the types of XML elements that might be returned from from this Web service. Please read the XML data structure documentation to understand how the data is structured within these XML documents.


 * wsf:WebService (subject/object). A Web service that is registered in the WSF (Web Service Framework)
 * void:Dataset (subject/object). A dataset registered/available in the WSF
 * wsf:Access (subject/object). An access perission for a user to a given dataset URI and related Web services endpoints.
 * rdf:Bag (subject/object). An unordered set of resources returned by the Web service
 * wsf:webServiceAccess (predicate). Links a wsf:Access to the Web service resouce identifier referenced in the Access description.
 * wsf:datasetAccess (predicate). Links a wsf:Access to the dataset resource identifier referenced in the Access description
 * wsf:registeredIP (predicate). Links a wsf:Access to the registered IP address that has access to the target dataset and the related Web services endpoints.
 * wsf:create (predicate). Specify the create CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
 * wsf:read (predicate). Specify the read CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
 * wsf:update (predicate). Specify the update CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
 * wsf:delete (predicate). Specify the delete CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
 * rdf:li (predicate). An item of a rdf:Bag that refers to a resource

Example of Returned RDF/XML Document
Here is an example of a RDF/XML document returned by this Web service endpoint for a given URI.

Query:


 * http://[...]/ws/auth/lister/?mode=access_user&registered_ip=24.200.138.116

"Accept:" HTTP header field value:


 * application/rdf+xml

Result:

Example of Returned RDF/N3 Document
Here is an example of a RDF/N3 document returned by this Web service endpoint for a given URI.

Query:


 * http://[...]/ws/auth/lister/?mode=access_user&registered_ip=24.200.138.116

"Accept:" HTTP header field value:


 * application/rdf+n3

Result:

HTTP Status Codes
Here are the possible HTTP status (error) codes returned by this Web service endpoint.

On error code and the specific error, a different message description can be issued (meaning a different error has been returned).