cmr.opendap.auth.permissions

Permissions for CMR OPeNDAP are utilized in the application routes when it is necessary to limit access to resources based on the specific capabilities granted to a user.

Permissions are included in the route definition along with the route’s handler. For example: ``` [… [“my/route” { :get {:handler my-handlers/my-route :permissions #{:read}} :post …}] …]

cached-concept

(cached-concept system token user-id concept-id)

Look up the permissions for a concept in the cache; if there is a miss, make the actual call for the lookup.

cmr-acl->reitit-acl

(cmr-acl->reitit-acl cmr-acl)

Convert a CMR ACL to an ACL that can be matched against permissions in the reitit routing library’s data structure. There following conditions are handled:

return an empty set when a CMR ACL is nil-valued
return a reitit-ready ACL when a map (representing a CMR ACL) is given
return the CMR ACL as-is in all other cases.

concept

(concept base-url token user-id concept-id)

Query the CMR Access Control API to get the permissions the given token+user have for the given concept.

concept?

(concept? route-perms cache-lookup concept-id)

Check to see if the concept permissions of a given token+user match the required permissions for the route.

echo-concept-query

The query formatter used when making a concept permissions query to the CMR Access Control API.

permissions-key

(permissions-key token concept-id)

Generate a key to be used for caching permissions data.

reitit-acl-data

(reitit-acl-data concept-id annotation)

Construct permissions

route-annotation

(route-annotation request)

Extract any permissions annotated in the route associated with the given request.

route-concept-id

(route-concept-id request)

Given a request, return the concept id for which we are checking permissions.

Generated by Codox with the NASA EOSDIS theme

CMR OPeNDAP 1.0.0-SNAPSHOT

Project

Topics

Namespaces

Public Vars