Google Git
Sign in
vanadium / release.js.core / a065d8af3287dd894d647ee67f27a2729edecafe / . / src / security / access / doc.js
blob: 931381360acea2e96c7c677ad861c7f5aa4660e9 [file] [log] [blame]
// Copyright 2015 The Vanadium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
/*
* A file for JSDocs for vdl generated files in security/access
*/
/**
* @summary AccessList represents a set of blessings that should be granted
* access.
* @name AccessList
* @constructor
* @property {array} in <p>An array of [BlessingPatterns]{@link
* module:vanadium.security.BlessingPatterns}/strings that denotes the set
* of blessings that should be granted access, unless blacklisted by notIn.</p>
* <p>For example:</p>
* <code>
* in: ['alice:family']
* </code><p>
* grants access to a principal that presents at least one of 'alice:family',
* 'alice:family:friend', 'alice:family:friend:spouse', etc.</p>
* @property {array} notIn <p>An array of strings that denotes the set of
* blessings (and their delegates) that have been explicitly blacklisted
* from the in set.
* <p>For example:</p>
* <code>
* in: ['alice:friend'], notIn: ['alice:friend:bob']
* </code><p>
* grants access to a principal that presents at least one of 'alice:friend',
* 'alice:friend:carol', etc, but NOT to a principal that presents
* 'alice:friend:bob or 'alice:friend:bob:spouse' etc.</p>
* @param {object} al The value to construct from.
* @param {array} al.in An array of [BlessingPatterns]{@link
* module:vanadium.security.BlessingPatterns}/strings that denotes the set
* of blessings that should be granted access, unless blacklisted by notIn.
* @param {array} al.notIn <p>An array of strings that denotes the set of
* blessings (and their delegates) that have been explicitly blacklisted
* from the in set.
* @memberof module:vanadium.security.access
*/
/*jshint ignore:start*/
/**
* @summary Permissions maps string tags to
* [AccessList]{@link module:vanadium.security.access.AccessList}
* specifying the blessings required to invoke methods with that tag.
* @description
* <p>These tags are meant to add a layer of interposition between the set of users
* (blessings, specifically) and the set of methods, much like "Roles" do in
* [Role Based Access Control]{@link (http://en.wikipedia.org/wiki/Role-based_access_control)}.
* @property {map} permissions An ES6 map of string tags to
* [AccessList]{@link module:vanadium.security.access.AccessList}.
* @name Permissions
* @constructor
* @param {map} permissions An ES6 Map of string tags to
* [AccessList]{@link module:vanadium.security.access.AccessList}.
* @memberof module:vanadium.security.access
*/
/*jshint ignore:end*/
/**
* @summary Tag is used to associate methods with an
* [AccessList]{@link module:vanadium.security.access.AccessList} in
* [Permissions]{@link module:vanadium.security.access.Permissions}.
* @name Tag
* @constructor
* @param {string} val The value of the tag.
* @memberof module:vanadium.security.access
*/
/**
* Used for operations that require privileged access for object
* administration.
* @name Admin
* @type module:vanadium.security.access.Tag
* @memberof module:vanadium.security.access
*/
/**
* Used for operations that return debugging information about the object.
* @name Debug
* @type module:vanadium.security.access.Tag
* @memberof module:vanadium.security.access
*/
/**
* Used for operations that do not mutate the state of the object.
* @name Read
* @type module:vanadium.security.access.Tag
* @memberof module:vanadium.security.access
*/
/**
* Used for operations that mutate the state of the object.
* @name Write
* @type module:vanadium.security.access.Tag
* @memberof module:vanadium.security.access
*/
/**
* Used for operations that involve namespace navigation.
* @name Resolve
* @type module:vanadium.security.access.Tag
* @memberof module:vanadium.security.access
*/
/**
* @summary Error that means the
* [AccessList]{@link module:vanadium.security.access.AccessList} is too big.
* @name TooBigError
* @memberof module:vanadium.security.access
* @constructor
* @param {module:vanadium.context.Context} ctx The context the error was
* created in.
* @param {...*} params A list of parameters to include in the error message.
* @augments module:vanadium.verror.VanadiumError
*/
/**
* @summary Error that means that no blessings matched patterns in the
* access list.
* @name AccessListMatchError
* @memberof module:vanadium.security.access
* @constructor
* @param {module:vanadium.context.Context} ctx The context the error was
* created in.
* @param {string[]} validBlessings A list of strings that represent valid
* blessings.
* @param {module:vanadium.security.RejectedBlessing[]} rejectedBlessings A
* list of blessings that are rejected.
* @param {...*} params A list of parameters to include in the error message.
* @augments module:vanadium.verror.VanadiumError
*/
/**
* @summary Error that means that no blessings have access to the specified
* access tag (e.g. No Read Access or No Admin Access).
* @name NoPermissionsError
* @memberof module:vanadium.security.access
* @constructor
* @param {module:vanadium.context.Context} ctx The context the error was
* created in.
* @param {string[]} validBlessings A list of strings that represent valid
* blessings.
* @param {module:vanadium.security.RejectedBlessing[]} rejectedBlessings A list
* of blessings that are rejected.
* @param {module:vanadium.security.access.Tag} tag Access tag.
* {@link module:vanadium.security.RejectedBlessings}.
* @param {...*} params A list of parameters to include in the error message.
* @augments module:vanadium.verror.VanadiumError
*/