Operation Access Modes

Dydra recognizes the following operations in access control lists (ACLs).

  • acl:Read
  • acl:Write
  • acl:Control
  • acl:Execute

The meaning depends on whether the target entity as an account, repository, or view.

acl:Read

Read access permits the agent to execute an request which reads data from the repository.

acl:Write

Write accss permits the agent to execute an request which writes data to the repository.

acl:Control

Control acces permits the agent to execute a request which modifies the entity properties.

acl:Execute

With respect to an account, execute access governs whether an agent gains the permissions of the ACL of the account, which is not that of the authenticated account of the request session. With respect to a repository, governs whether a query which targets the repository may include federation clauses. With respect to a view, governs whether a session is permitted to execute the view.

The implicit ACL for an authenticate agent includes

<urn:dydra:requestContent> acl:Execute true

Table Of Contents

Previous topic

Entity Identification

Next topic

Access Control Graphs