Auth: Lister

From OSF Wiki
Jump to: navigation, search
Auth: Lister endpoint version:
1.1
2
3

The Auth: Lister Web service is used to list all the things that may be registered or authenticated in an OSF Web Service network. Specifically, it is used to:

  • Get the list of all the datasets accessible to a user
  • Get the list of all the datasets accessible to a group
  • Get the list of all groups where a given user is a member
  • Get the list of all groups that have access to a given dataset
  • Get the list of all groups.

Developers communicate with the Authentication: Lister Web service using the HTTP GET method. You may request one of the following mime types: (1) text/xml, (2) application/rdf+xml, (3) application/rdf+n3 or (4) application/json. The content returned by the Web service is serialized using the mime type requested and the data returned depends on the parameters selected.


Version

This documentation page is used for the version 3 of this endpoint. Check at the top of this page to see the documentation pages for the other versions of this endpoint.

Usage

This Web service is intended to be used by content management systems, developers or administrators to manage access to WSF (Web Service Framework) resources (users, datasets, Web services endpoints).

Read more about how the OSF Web Services access permissions works by reading this page...

Web Service Endpoint Information

This section describes all you permissions you need in the WSF (Web Service Framework) to send a query to this Web service endpoint, and it describes how to access it.

To access this Web service endpoint you need the proper CRUD (Create, Read, Update and Delete) permissions on a specific graph (dataset) of the WSF. Without the proper permissions on this graph you won't be able to send any queries to the endpoint.

Needed registered CRUD permission:
  • Create: False
  • Read: True
  • Update: False
  • Delete: False

As shown on the graph URI:

  • http://[...]/wsf/

Here is the information needed to communicate with this Web service's endpoint. Descriptions of the parameters are included below.

Note: if a parameter has a default value, the requester can omit it and the default value will be used. Also, some baseline Web services may not offer other values than the default.

HTTP method:

  • GET

Possible "Accept:" HTTP header field value:

  • text/xml (structXML)
  • application/json (structJSON)
  • application/rdf+xml (RDF+XML)
  • application/rdf+n3 (N3/Turtle)
  • application/iron+json (irJSON)
  • application/iron+csv (commON)

URI:

  • http://[...]/ws/auth/lister/?mode=&dataset=&target_webservice=&group=&interface=&version=

URI dynamic parameters description:

Note: All parameters have to be URL-encoded

Note 2: The user URI is defined as part of the OSF-USER-URI HTTP header variable.

  • mode. One of:
    • "dataset (default)": List all datasets URI accessible by a user
    • "ws": List all Web services registered in a WSF
    • "groups": List all existing groups
    • "group_users": List all users that belongs to a group
    • "user_groups": List all groups URI for which the user is a member
    • "access_dataset": List all the group URIs and their CRUD permissions for a given dataset URI
    • "access_user": List all datasets URI and CRUD permissions accessible by a user based on its groups
  • dataset. URI referring to a target dataset. Needed when param1 = "access_dataset". Otherwise this parameter as to be omitted.
  • target_webservice. Determine on what web service URI(s) we should focus on for the listing of the access records. This parameter is used to improve the performance of the web service endpoint depending on the use case. If there are numerous datasets with a numerous number of access permissions defined for each of them, properly using this parameter can have a dramatic impact on the performances. This parameter should be used if the param1 = "access_dataset" or param1 = "access_user" This parameter can have any of these values:
    • "all" (default): all the web service endpoints URIs for each access records will be taken into account and returned to the user (may be more time consuming).
    • "none": no web service URI, for any access record, will be returned.
  • group. Target Group URI. Needed when param1 = "groups_users". Otherwise this parameter as to be omitted.
  • interface. Source interface used for this web service query. The interface is a different way to process a query (different algorithms, different data management system, etc. The default interface is 'default'
  • version. (default: 3.0) Version of the interface to query

Available Sources Interfaces

A source interface is a way to process a web service query. Different sources interfaces can be implemented for the same OSF Web Services web service endpoint. Each interface will process the query differently, but all the queries to the web service endpoint will be the same, at the exception of the interface parameter. Each interface shares the same API (the one defined by the web service endpoint), but their processing may differ (like using different algorithms, using different data management systems, etc.)

This is a list of the core interfaces for this endpoint. Organizations that hosts a OSF Web Services network could create their own interface and make it available to the users. However such private source interface won't be part of this list, but should be publicized by the organization.


Source Interface Name Description
default Default source interface for this OSF Web Services web service endpoint. This interface implements the default behavior of this OSF Web Services endpoint.


Example of Returned XML Document

This is an example of the XML document returned by this Web service endpoint for a given URI. This example returns a list of datasets accessible by a given user IP.

Query:
  • http://[...]/ws/auth/lister/?mode=access_user

"Accept:" HTTP header field value:

  • text/xml

Result:

  1. <?xml version="1.0" encoding="utf-8"?>
  2. <!DOCTYPE resultset PUBLIC "-//Structured Dynamics LLC//Auth Lister DTD 0.1//EN" "http://bknetwork.org:8890/ws/dtd/auth/authLister.dtd">
  3. <resultset>
  4.    <prefix entity="wsf" uri="http://purl.org/ontology/wsf#"/>
  5.    <prefix entity="void" uri="http://rdfs.org/ns/void#"/>
  6.    <prefix entity="rdf" uri="http://www.w3.org/1999/02/22-rdf-syntax-ns#"/>
  7.    <subject type="wsf:Access" uri="http://[...]/wsf/access/c27f782dfd9ede1cc8a68bd5aa63e7ea">
  8.       <predicate type="wsf:datasetAccess">
  9.          <object type="void:Dataset" uri="http://[...]/drupal/core/"/>
  10.       </predicate>
  11.       <predicate type="wsf:create">
  12.          <object type="rdfs:Literal">True</object>
  13.       </predicate>
  14.       <predicate type="wsf:read">
  15.          <object type="rdfs:Literal">True</object>
  16.       </predicate>
  17.       <predicate type="wsf:update">
  18.          <object type="rdfs:Literal">True</object>
  19.       </predicate>
  20.       <predicate type="wsf:delete">
  21.          <object type="rdfs:Literal">True</object>
  22.       </predicate>
  23.       <predicate type="wsf:webServiceAccess">
  24.          <object type="wsf:WebService" uri="http://[...]/wsf/ws/auth/lister/"/>
  25.       </predicate>
  26.       <predicate type="wsf:webServiceAccess">
  27.          <object type="wsf:WebService" uri="http://[...]/wsf/ws/dataset/update/"/>
  28.       </predicate>
  29.          [...]
  30.    </subject>
  31.       [...]'''
  32. </resultset>

DTD of the XML Document

  1. <!ELEMENT resultset (subject)+ (prefix)* >
  2. <!ELEMENT prefix EMPTY>
  3. <!ATTLIST prefix entity CDATA #IMPLIED>
  4. <!ATTLIST prefix uri CDATA #IMPLIED>
  5. <!ELEMENT subject (predicate)*>
  6. <!ATTLIST subject type (wsf:WebService | void:Dataset | rdf:Bag | wsf:Access )  "void:Dataset">
  7. <!ATTLIST subject uri CDATA #IMPLIED>
  8. <!ELEMENT predicate (object)>
  9. <!ATTLIST predicate type (wsf:webServiceAccess | wsf:delete | wsf:update | wsf:read | wsf:create | wsf:datasetAccess | wsf:registeredIP | rdf:li )"wsf:datasetAccess">
  10. <!ELEMENT object EMPTY>
  11. <!ATTLIST object type (wsf:WebService | void:Dataset | rdfs:Literal) "void:Dataset">
  12. <!ATTLIST object uri CDATA #IMPLIED>
  13. <!ATTLIST object label CDATA #IMPLIED>

Descriptions of the Types of XML Elements

Here are descriptions of the types of XML elements that might be returned from from this Web service. Please read the XML data structure documentation to understand how the data is structured within these XML documents.

  • wsf:WebService (subject/object). A Web service that is registered in the WSF (Web Service Framework)
  • void:Dataset (subject/object). A dataset registered/available in the WSF
  • wsf:Access (subject/object). An access perission for a user to a given dataset URI and related Web services endpoints.
  • rdf:Bag (subject/object). An unordered set of resources returned by the Web service
  • wsf:webServiceAccess (predicate). Links a wsf:Access to the Web service resouce identifier referenced in the Access description.
  • wsf:datasetAccess (predicate). Links a wsf:Access to the dataset resource identifier referenced in the Access description
  • wsf:registeredIP (predicate). Links a wsf:Access to the registered IP address that has access to the target dataset and the related Web services endpoints.
  • wsf:create (predicate). Specify the create CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
  • wsf:read (predicate). Specify the read CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
  • wsf:update (predicate). Specify the update CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
  • wsf:delete (predicate). Specify the delete CRUD access permission for the registered IP to the target dataset and accessible Web services endpoints.
  • rdf:li (predicate). An item of a rdf:Bag that refers to a resource

Example of Returned RDF/XML Document

Here is an example of a RDF/XML document returned by this Web service endpoint for a given URI.

Query:
  • http://[...]/ws/auth/lister/?mode=access_user&registered_ip=24.200.138.116

"Accept:" HTTP header field value:

  • application/rdf+xml

Result:

  1. <?xml version="1.0"?>
  2. <rdf:RDF xmlns:bibo="http://purl.org/ontology/bibo/" xmlns:void= "http://rdfs.org/ns/void#" xmlns:wsf="http://purl.org/ontology/wsf#" xmlns:owl="http://www.w3.org/2002/07/owl#" xmlns:xsd= "http://www.w3.org/2001/XMLSchema#" xmlns:rdfs= "http://www.w3.org/2000/01/rdf-schema#" xmlns:rdf= "http://www.w3.org/1999/02/22-rdf-syntax-ns#">
  3.    <wsf:Access rdf:about="http://[...]/wsf/access/c27f782dfd9ede1cc8a68bd5aa63e7ea">
  4.       <wsf:datasetAccess rdf:resource="http://[...]/drupal/core/" />
  5.       <wsf:create>True</wsf:create>
  6.       <wsf:read>True</wsf:read>
  7.       <wsf:update>True</wsf:update>
  8.       <wsf:delete>True</wsf:delete>
  9.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/auth/lister/" />
  10.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/dataset/update/" />
  11.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/dataset/create/" />
  12.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/crud/update/" />
  13.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/dataset/read/" />
  14.       <wsf:webServiceAccess rdf:resource="http://[...]/wsf/ws/crud/delete/" />
  15.    </wsf:Access>
  16. </rdf:RDF>

Example of Returned RDF/N3 Document

Here is an example of a RDF/N3 document returned by this Web service endpoint for a given URI.

Query:
  • http://[...]/ws/auth/lister/?mode=access_user&registered_ip=24.200.138.116

"Accept:" HTTP header field value:

  • application/rdf+n3

Result:

  1. @prefix rdf: <http://www.w3.org/1999/02/22-rdf-syntax-ns#> .
  2. @prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
  3. @prefix owl: <http://www.w3.org/2002/07/owl#> .
  4. @prefix void: <http://rdfs.org/ns/void#> .
  5. @prefix wsf: <http://purl.org/ontology/wsf#> .
  6. <http://[...]/wsf/access/c27f782dfd9ede1cc8a68bd5aa63e7ea> a wsf:Access ;
  7. wsf:datasetAccess <http://[...]/drupal/core/> ;
  8. wsf:create "True" ;
  9. wsf:read "True" ;
  10. wsf:update "True" ;
  11. wsf:delete "True" ;
  12. wsf:webServiceAccess <http://[...]/wsf/ws/auth/lister/> ;
  13. wsf:webServiceAccess <http://[...]/wsf/ws/dataset/update/> ;
  14. wsf:webServiceAccess <http://[...]/wsf/ws/dataset/create/> ;
  15. wsf:webServiceAccess <http://[...]/wsf/ws/crud/update/> ;
  16. wsf:webServiceAccess <http://[...]/wsf/ws/dataset/read/> ;
  17. wsf:webServiceAccess <http://[...]/wsf/ws/crud/delete/> .

HTTP Status Codes

Here are the possible HTTP status (error) codes returned by this Web service endpoint.

On error code and the specific error, a different message description can be issued (meaning a different error has been returned).


HTTP 200

Message Description
OK


HTTP 400

ID Level Name Description
WS-AUTH-LISTER-200 Warning Unknown Listing Mode The mode you specified for the 'mode' parameter is unknown. Please check the documentation of this web service endpoint for more information
WS-AUTH-LISTER-201 Warning No Target Dataset URI No target dataset URI defined for this request. A target dataset URI is needed for the mode 'ws' and 'dataset'
WS-AUTH-LISTER-202 Warning No Target Group URI No target group URI defined for this request. A target group URI is needed for the mode 'group_users'
WS-AUTH-LISTER-300 Fatal Can't get the list of datasets An error occured when we tried to get the list of datasets available to the user
WS-AUTH-LISTER-301 Fatal Can't get the list of web services An error occured when we tried to get the list of web services endpoints registered to this web service network
WS-AUTH-LISTER-302 Fatal Can't get the list of accesses for that dataset An error occured when we tried to get the list of accesses defined for this dataset
WS-AUTH-LISTER-303 Fatal Can't get the list of accesses an datasets available to that user An error occured when we tried to get the list of accesses and datasets accessible to that user
WS-AUTH-LISTER-304 Fatal Can't get access information for this web service An error occured when we tried to get the information for the access to that web service.
WS-AUTH-LISTER-305 Fatal Requested source interface not existing The source interface you requested is not existing for this web service endpoint.
WS-AUTH-LISTER-306 Fatal Requested incompatible Source Interface version The version of the source interface you requested is not compatible with the version of the source interface currently hosted on the system. Please make sure that your tool get upgraded for using this current version of the endpoint.
WS-AUTH-LISTER-307 Fatal Source Interface's version not compatible with the web service endpoint's The version of the source interface you requested is not compatible with the one of the web service endpoint. Please contact the system administrator such that he updates the source interface to make it compatible with the new endpoint version.

HTTP 403

ID Level Name Description
WS-AUTH-VALIDATION-100 Fatal Unauthorized Request Your request cannot be authorized for this web service call
WS-AUTH-VALIDATION-101 Fatal Unauthorized Request Your request cannot be authorized for this web service call
WS-AUTH-VALIDATION-102 Fatal Couldn't authorize request An internal error occured when we tried to authorize this request
WS-AUTH-VALIDATION-103 Fatal Unauthorized Request Your request cannot be authorized for this user: "---", on this dataset: "---", using this web service endpoint: "---"


HTTP 406

Message Description
Not Acceptable Unacceptable mime type requested


HTTP 500

Message Description
Internal Error