Operation Access Modes

Dydra recognizes the following operations in access control lists (ACLs).

  • acl:Read

  • acl:Write

  • acl:Control

  • acl:Execute

The meaning depends on whether the target entity as an account, repository, or view.


Read access permits the agent to execute an request which reads data from the repository.


Write accss permits the agent to execute an request which writes data to the repository.


Control acces permits the agent to execute a request which modifies the entity properties.


With respect to an account, execute access governs whether an agent gains the permissions of the ACL of the account, which is not that of the authenticated account of the request session. With respect to a repository, governs whether a query which targets the repository may include federation clauses. With respect to a view, governs whether a session is permitted to execute the view.

The implicit ACL for an authenticate agent includes

<urn:dydra:requestContent> acl:Execute true