forked from MG-RAST/Shock
-
Notifications
You must be signed in to change notification settings - Fork 1
/
RELEASE_NOTES.txt
60 lines (45 loc) · 2.74 KB
/
RELEASE_NOTES.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
# v0.9.5
- Sort Shock query results by date by default (newest to oldest)
- Expanded querynode feature set (sort by field, query for field by range, query for field
not equal, query for field begins with/ends with)
- Added verbose option to node ACLs (expands uuid list in ACLs to user structs).
- Expanded admin permitted operations to include update and delele in addition to read.
- Made setting a file name for a node non-dependent on whether file has been set.
- Added to base resource call the list of permitted actions without auth (anonymous).
- Bug fix for copying subset nodes.
- Better formatting for configuration printed at startup.
- Modified node ACLs to explicitly include a "public" string in the ACL if
if that ACL is public. The previous behavior was to consider an ACL "public"
if that ACL was empty. This was restrictive in terms of managing ACLs.
Also, the "Public" field was removed from the node document because this
information will be solely managed by the ACLs.
Note: Shock has been updated to check for the version of the ACL and Node
schema in the mongo database at startup time. If either of these are found
to be outdated, the user will be prompted to run updates on both of these.
The permissions for specific Shock actions are listed below:
#####POST
* Permitted by: everyone
- /node create node
#####GET
* Permitted by: everyone
- / resource listing
- /wiki/ this documentation
* Permitted by: admin, node owner, users in read ACL, or everyone if node is publicly readable
- /node list nodes, query
- /node/<node_id> view node, download file (full or partial)
- /node/<node_id>/acl view node acls
- /node/<node_id>/acl/<type> view node acls of type <type>
#####PUT
* Permitted by: admin, node owner, users in write ACL, or everyone if node is publicly writable
- /node/<node_id> modify node (e.g. update attributes of existing node)
- /node/<node_id>/acl modify node acls
- /node/<node_id>/acl/<type> modify node acls of type <type>
- /node/<node_id>/index/<type> create node indexes
#####DELETE
* Permitted by: admin, node owner, users in delete ACL, or everyone if node is publicly deletable
- /node/<node_id> delete node
* Permitted by: admin, node owner, users in write ACL, or everyone if node is publicly writable
- /node/<node_id>/inde/<type> delete node index
* Permitted by: admin, node owner, users in write ACL, or everyone if node is publicly writable
- /node/<node_id>/acl/<type>?users=<user-ids_or_uuids> delete users from ACL
NOTE: Although a node may be designated as publicly readable, writable, or deletable, user authentication may still be required depending on the Shock server's configuration.