€cdocutils.nodes
document
q)q}q(U	nametypesq}q(X   representing access rulesqNX#   supporting access control in searchqNX   observationsqNuUsubstitution_defsq	}q
Uparse_messagesq]qUcurrent_sourceqNU
decorationqNUautofootnote_startqKUnameidsq}q(hUrepresenting-access-rulesqhU#supporting-access-control-in-searchqhUobservationsquUchildrenq]qcdocutils.nodes
section
q)q}q(U	rawsourceqU UparentqhUsourceqXg   /var/lib/jenkins/jobs/API_Documentation_trunk/workspace/api-documentation/source/design/search_auth.txtqUtagnameqUsectionqU
attributesq }q!(Udupnamesq"]Uclassesq#]Ubackrefsq$]Uidsq%]q&haUnamesq']q(hauUlineq)KUdocumentq*hh]q+(cdocutils.nodes
title
q,)q-}q.(hX#   Supporting Access Control in Searchq/hhhhhUtitleq0h }q1(h"]h#]h$]h%]h']uh)Kh*hh]q2cdocutils.nodes
Text
q3X#   Supporting Access Control in Searchq4…q5}q6(hh/hh-ubaubcdocutils.nodes
field_list
q7)q8}q9(hU hhhhhU
field_listq:h }q;(h"]h#]h$]h%]h']uh)Kh*hh]q<cdocutils.nodes
field
q=)q>}q?(hU hh8hhhUfieldq@h }qA(h"]h#]h$]h%]h']uh)Kh*hh]qB(cdocutils.nodes
field_name
qC)qD}qE(hX   StatusqFhh>hhhU
field_nameqGh }qH(h"]h#]h$]h%]h']uh)K h]qIh3X   StatusqJ…qK}qL(hhFhhDubaubcdocutils.nodes
field_body
qM)qN}qO(hX   DRAFT
h }qP(h"]h#]h$]h%]h']uhh>h]qQcdocutils.nodes
paragraph
qR)qS}qT(hX   DRAFTqUhhNhhhU	paragraphqVh }qW(h"]h#]h$]h%]h']uh)Kh]qXh3X   DRAFTqY…qZ}q[(hhUhhSubaubahU
field_bodyq\ubeubaubhR)q]}q^(hXz  There is a requirement that search results contain only information for which the user has permission to read, which requires that access permissions for each item in the search results is examined. Search operations are high demand operations on Coordinating Nodes and will be targeted by a large number of clients. As such, efficiency of access control evaluation is critical.q_hhhhhhVh }q`(h"]h#]h$]h%]h']uh)Kh*hh]qah3Xz  There is a requirement that search results contain only information for which the user has permission to read, which requires that access permissions for each item in the search results is examined. Search operations are high demand operations on Coordinating Nodes and will be targeted by a large number of clients. As such, efficiency of access control evaluation is critical.qb…qc}qd(hh_hh]ubaubhR)qe}qf(hX`   This document outlines an approach using the Lucene based SOLR index to provide such capability.qghhhhhhVh }qh(h"]h#]h$]h%]h']uh)Kh*hh]qih3X`   This document outlines an approach using the Lucene based SOLR index to provide such capability.qj…qk}ql(hhghheubaubh)qm}qn(hU hhhhhhh }qo(h"]h#]h$]h%]qphah']qqhauh)Kh*hh]qr(h,)qs}qt(hX   Representing Access Rulesquhhmhhhh0h }qv(h"]h#]h$]h%]h']uh)Kh*hh]qwh3X   Representing Access Rulesqx…qy}qz(hhuhhsubaubcdocutils.nodes
literal_block
q{)q|}q}(hX2   record = [PID, isPublic, readGroups, readSubjects]hhmhhhUliteral_blockq~h }q(U	xml:spaceq€Upreserveqh%]h$]h"]h#]h']uh)Kh*hh]q‚h3X2   record = [PID, isPublic, readGroups, readSubjects]qƒ…q„}q…(hU hh|ubaubh7)q†}q‡(hU hhmhhhh:h }qˆ(h"]h#]h$]h%]h']uh)Kh*hh]q‰(h=)qŠ}q‹(hU hh†hhhh@h }qŒ(h"]h#]h$]h%]h']uh)Kh*hh]q(hC)qŽ}q(hX   PIDqhhŠhhhhGh }q‘(h"]h#]h$]h%]h']uh)K h]q’h3X   PIDq“…q”}q•(hhhhŽubaubhM)q–}q—(hX   identifier of object
h }q˜(h"]h#]h$]h%]h']uhhŠh]q™hR)qš}q›(hX   identifier of objectqœhh–hhhhVh }q(h"]h#]h$]h%]h']uh)Kh]qžh3X   identifier of objectqŸ…q }q¡(hhœhhšubaubahh\ubeubh=)q¢}q£(hU hh†hhhh@h }q¤(h"]h#]h$]h%]h']uh)Kh*hh]q¥(hC)q¦}q§(hX   isPublicq¨hh¢hhhhGh }q©(h"]h#]h$]h%]h']uh)K h]qªh3X   isPublicq«…q¬}q­(hh¨hh¦ubaubhM)q®}q¯(hX@   boolean set true if the object is accessible by the public user
h }q°(h"]h#]h$]h%]h']uhh¢h]q±hR)q²}q³(hX?   boolean set true if the object is accessible by the public userq´hh®hhhhVh }qµ(h"]h#]h$]h%]h']uh)Kh]q¶h3X?   boolean set true if the object is accessible by the public userq·…q¸}q¹(hh´hh²ubaubahh\ubeubh=)qº}q»(hU hh†hhhh@h }q¼(h"]h#]h$]h%]h']uh)Kh*hh]q½(hC)q¾}q¿(hX
   readGroupsqÀhhºhhhhGh }qÁ(h"]h#]h$]h%]h']uh)K h]qÂh3X
   readGroupsqÃ…qÄ}qÅ(hhÀhh¾ubaubhM)qÆ}qÇ(hXX   a multi-valued field that contains a list of groups that have read access on the object
h }qÈ(h"]h#]h$]h%]h']uhhºh]qÉhR)qÊ}qË(hXW   a multi-valued field that contains a list of groups that have read access on the objectqÌhhÆhhhhVh }qÍ(h"]h#]h$]h%]h']uh)Kh]qÎh3XW   a multi-valued field that contains a list of groups that have read access on the objectqÏ…qÐ}qÑ(hhÌhhÊubaubahh\ubeubh=)qÒ}qÓ(hU hh†hhhh@h }qÔ(h"]h#]h$]h%]h']uh)Kh*hh]qÕ(hC)qÖ}q×(hX   readSubjectsqØhhÒhhhhGh }qÙ(h"]h#]h$]h%]h']uh)K h]qÚh3X   readSubjectsqÛ…qÜ}qÝ(hhØhhÖubaubhM)qÞ}qß(hX[   a multi-valued field that contains a list of subjects that have read access on the object

h }qà(h"]h#]h$]h%]h']uhhÒh]qáhR)qâ}qã(hXY   a multi-valued field that contains a list of subjects that have read access on the objectqähhÞhhhhVh }qå(h"]h#]h$]h%]h']uh)Kh]qæh3XY   a multi-valued field that contains a list of subjects that have read access on the objectqç…qè}qé(hhähhâubaubahh\ubeubeubhR)qê}që(hX·   A python function that would generate a suitable query for retrieving a list of PIDs for which a user has *read* access may be (note that subject strings need to be properly escaped):qìhhmhhhhVh }qí(h"]h#]h$]h%]h']uh)Kh*hh]qî(h3Xj   A python function that would generate a suitable query for retrieving a list of PIDs for which a user has qï…qð}qñ(hXj   A python function that would generate a suitable query for retrieving a list of PIDs for which a user has hhêubcdocutils.nodes
emphasis
qò)qó}qô(hX   *read*h }qõ(h"]h#]h$]h%]h']uhhêh]qöh3X   readq÷…qø}qù(hU hhóubahUemphasisqúubh3XG    access may be (note that subject strings need to be properly escaped):qû…qü}qý(hXG    access may be (note that subject strings need to be properly escaped):hhêubeubh{)qþ}qÿ(hXë  def canReadQuery(subject):
  #return list of public objects
  if CN.isPublic(subject):
    return "isPublic:true"

  #public OR readable by group
  if CN.isGroup(subject):
    return "isPublic:true || readGroups: %s" % subject

  #list of public objects, OR objects readable by groups subject belongs to
  # OR explicitly readable by subject
  groups = CN.getSubjectGroups(subject)
  gq = "readGroups:(%s)" % " ".join(groups)
  return "isPublic:true || readSubjects:%s || %s" % (subject, gq)hhmhhhh~h }r   (h€hh%]h$]h"]h#]h']uh)K h*hh]r  h3Xë  def canReadQuery(subject):
  #return list of public objects
  if CN.isPublic(subject):
    return "isPublic:true"

  #public OR readable by group
  if CN.isGroup(subject):
    return "isPublic:true || readGroups: %s" % subject

  #list of public objects, OR objects readable by groups subject belongs to
  # OR explicitly readable by subject
  groups = CN.getSubjectGroups(subject)
  gq = "readGroups:(%s)" % " ".join(groups)
  return "isPublic:true || readSubjects:%s || %s" % (subject, gq)r  …r  }r  (hU hhþubaubhR)r  }r  (hXÖ   Subjects are represented in DataONE as lengthy strings. There may be some performance improvements gained by mapping the subject strings to integers and using this representation internally within the Lucene index.r  hhmhhhhVh }r  (h"]h#]h$]h%]h']uh)K0h*hh]r	  h3XÖ   Subjects are represented in DataONE as lengthy strings. There may be some performance improvements gained by mapping the subject strings to integers and using this representation internally within the Lucene index.r
  …r  }r  (hj  hj  ubaubhR)r  }r  (hXÏ   Keeping this index in a separate shard would enable it's maintenance and use independently of other indexes that may be used to support search against other properties of System Metadata or Science Metadata.r  hhmhhhhVh }r  (h"]h#]h$]h%]h']uh)K2h*hh]r  h3XÏ   Keeping this index in a separate shard would enable it's maintenance and use independently of other indexes that may be used to support search against other properties of System Metadata or Science Metadata.r  …r  }r  (hj  hj  ubaubhR)r  }r  (hX   Similar indexes can be generated for write, change, and execute permissions, though these are not needed for search operations.r  hhmhhhhVh }r  (h"]h#]h$]h%]h']uh)K4h*hh]r  h3X   Similar indexes can be generated for write, change, and execute permissions, though these are not needed for search operations.r  …r  }r  (hj  hj  ubaubhR)r  }r  (hX   Draft SOLR schema fragment:r  hhmhhhhVh }r   (h"]h#]h$]h%]h']uh)K6h*hh]r!  h3X   Draft SOLR schema fragment:r"  …r#  }r$  (hj  hj  ubaubh{)r%  }r&  (hX}  <field name="pid" type="string" indexed="true" stored="true" required="true" multiValued="false" />
<field name="isPublic" type="boolean" indexed="true" stored="false" />
<field name="readGroups" type="string" indexed="true" stored="false" multiValued="true" />
<field name="readSubjects" type="string" indexed="true" stored="false" multiValued="true" />
<uniqueKey>pid</uniqueKey>hhmhhhh~h }r'  (Ulinenosr(  ‰Ulanguager)  X   xmlh€hh%]h$]h"]Uhighlight_argsr*  }h#]h']uh)K8h*hh]r+  h3X}  <field name="pid" type="string" indexed="true" stored="true" required="true" multiValued="false" />
<field name="isPublic" type="boolean" indexed="true" stored="false" />
<field name="readGroups" type="string" indexed="true" stored="false" multiValued="true" />
<field name="readSubjects" type="string" indexed="true" stored="false" multiValued="true" />
<uniqueKey>pid</uniqueKey>r,  …r-  }r.  (hU hj%  ubaubeubh)r/  }r0  (hU hhhhhhh }r1  (h"]h#]h$]h%]r2  hah']r3  hauh)KBh*hh]r4  (h,)r5  }r6  (hX   Observationsr7  hj/  hhhh0h }r8  (h"]h#]h$]h%]h']uh)KBh*hh]r9  h3X   Observationsr:  …r;  }r<  (hj7  hj5  ubaubhR)r=  }r>  (hX  A subject may participate in a potentially large number of groups which would result in a lengthy query string. The alternative would be to decompose groups with read access into a list of subjects, and just have a single list of subjects for each PID. This list could become very large.r?  hj/  hhhhVh }r@  (h"]h#]h$]h%]h']uh)KDh*hh]rA  h3X  A subject may participate in a potentially large number of groups which would result in a lengthy query string. The alternative would be to decompose groups with read access into a list of subjects, and just have a single list of subjects for each PID. This list could become very large.rB  …rC  }rD  (hj?  hj=  ubaubhR)rE  }rF  (hXÎ   An index may be replicated across multiple locations to ensure the access control index is sufficiently responsive. A load balancer such as HAProxy can then be used to direct requests to different replicas.rG  hj/  hhhhVh }rH  (h"]h#]h$]h%]h']uh)KFh*hh]rI  h3XÎ   An index may be replicated across multiple locations to ensure the access control index is sufficiently responsive. A load balancer such as HAProxy can then be used to direct requests to different replicas.rJ  …rK  }rL  (hjG  hjE  ubaubeubeubahU UtransformerrM  NUfootnote_refsrN  }rO  UrefnamesrP  }rQ  Usymbol_footnotesrR  ]rS  Uautofootnote_refsrT  ]rU  Usymbol_footnote_refsrV  ]rW  U	citationsrX  ]rY  h*hUcurrent_linerZ  NUtransform_messagesr[  ]r\  Ureporterr]  NUid_startr^  KUautofootnotesr_  ]r`  Ucitation_refsra  }rb  Uindirect_targetsrc  ]rd  Usettingsre  (cdocutils.frontend
Values
rf  org  }rh  (Ufootnote_backlinksri  KUrecord_dependenciesrj  NUrfc_base_urlrk  Uhttps://tools.ietf.org/html/rl  U	tracebackrm  ˆUpep_referencesrn  NUstrip_commentsro  NUtoc_backlinksrp  Uentryrq  Ulanguage_coderr  Uenrs  U	datestamprt  NUreport_levelru  KU_destinationrv  NU
halt_levelrw  KUstrip_classesrx  Nh0NUerror_encoding_error_handlerry  Ubackslashreplacerz  Udebugr{  NUembed_stylesheetr|  ‰Uoutput_encoding_error_handlerr}  Ustrictr~  Usectnum_xformr  KUdump_transformsr€  NUdocinfo_xformr  KUwarning_streamr‚  NUpep_file_url_templaterƒ  Upep-%04dr„  Uexit_status_levelr…  KUconfigr†  NUstrict_visitorr‡  NUcloak_email_addressesrˆ  ˆUtrim_footnote_reference_spacer‰  ‰UenvrŠ  NUdump_pseudo_xmlr‹  NUexpose_internalsrŒ  NUsectsubtitle_xformr  ‰Usource_linkrŽ  NUrfc_referencesr  NUoutput_encodingr  Uutf-8r‘  U
source_urlr’  NUinput_encodingr“  U	utf-8-sigr”  U_disable_configr•  NU	id_prefixr–  U U	tab_widthr—  KUerror_encodingr˜  UUTF-8r™  U_sourcerš  hUgettext_compactr›  ˆU	generatorrœ  NUdump_internalsr  NUsmart_quotesrž  ‰Upep_base_urlrŸ  U https://www.python.org/dev/peps/r   Usyntax_highlightr¡  Ulongr¢  Uinput_encoding_error_handlerr£  j~  Uauto_id_prefixr¤  Uidr¥  Udoctitle_xformr¦  ‰Ustrip_elements_with_classesr§  NU_config_filesr¨  ]Ufile_insertion_enabledr©  ˆUraw_enabledrª  KUdump_settingsr«  NubUsymbol_footnote_startr¬  K Uidsr­  }r®  (hhmhhhj/  uUsubstitution_namesr¯  }r°  hh*h }r±  (h"]h%]h$]Usourcehh#]h']uU	footnotesr²  ]r³  Urefidsr´  }rµ  ub.