From 39a8216fdadc86e9f9176208e8cb2645176b25eb Mon Sep 17 00:00:00 2001 From: NikitaZotov Date: Mon, 19 Aug 2024 12:21:14 +0300 Subject: [PATCH] [docs] Use another style for tables --- .../api/cpp/extended/permissions_api.md | 280 +++++++++++++++--- 1 file changed, 238 insertions(+), 42 deletions(-) diff --git a/docs/sc-memory/api/cpp/extended/permissions_api.md b/docs/sc-memory/api/cpp/extended/permissions_api.md index 612f9e030..61f1f2c29 100644 --- a/docs/sc-memory/api/cpp/extended/permissions_api.md +++ b/docs/sc-memory/api/cpp/extended/permissions_api.md @@ -12,52 +12,201 @@ performed, it is checked whether the user has permissions to perform actions of Description of action classes that users of ostis-system can perform in its knowledge base: -| Action class | System identifier of action class sc-node | Abbreviation | Logic if user has permissions to execute actions of the specified class | -|--------------------------------------------|--------------------------------------------|--------------|------------------------------------------------------------------------------------| -| reading from sc-memory action | `action_read_from_sc_memory` | R | The user can execute all methods that read sc-constructions from knowledge base. | -| generating in sc-memory action | `action_generate_in_sc_memory` | G | The user can execute all methods that generate sc-constructions in knowledge base. | -| erasing from sc-memory action | `action_erase_from_sc_memory` | E | The user can execute all methods that erase sc-constructions from knowledge base. | -| reading permissions from sc-memory action | `action_read_permissions_from_sc_memory` | RP | The user can read permissions of other users from knowledge base. | -| generating permissions in sc-memory action | `action_generate_permissions_in_sc_memory` | GP | The user can generate permissions for other users in knowledge base. | -| erasing permissions from sc-memory action | `action_erase_permissions_from_sc_memory` | EP | The user can erase permissions of other users from knowledge base. | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
Action classSystem identifier of action class sc-nodeAbbreviationLogic if user has permissions to execute actions of the specified class
reading from sc-memory actionaction_read_from_sc_memoryRThe user can execute all methods that read sc-constructions from knowledge base.
generating in sc-memory actionaction_generate_in_sc_memoryGThe user can execute all methods that generate sc-constructions in knowledge base.
erasing from sc-memory actionaction_erase_from_sc_memoryEThe user can execute all methods that erase sc-constructions from knowledge base.
reading permissions from sc-memory actionaction_read_permissions_from_sc_memoryRPThe user can read permissions of other users from knowledge base.
generating permissions in sc-memory actionaction_generate_permissions_in_sc_memoryGPThe user can generate permissions for other users in knowledge base.
erasing permissions from sc-memory actionaction_erase_permissions_from_sc_memoryEPThe user can erase permissions of other users from knowledge base.
Description of ScMemoryContext API methods and user permissions required to execute these methods: -| ScMemoryContext API method | R | G | E | Logic is user hasn't required permissions to perform method | -|------------------------------------------------------|---|---|---|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| CreateNode, CreateLink | - | - | - | These methods don't require any permissions for users. | -| CreateEdge | - | + | - | If user hasn't permissions to add sc-connector from specified begin sc-element or to specified end sc-element, then method will throw `utils::ExceptionInvalidState`. | -| IsElement | + | - | - | If user hasn't permissions to read specified sc-element, then method will throw `utils::ExceptionInvalidState`. | -| GetElementType | + | - | - | If user hasn't permissions to read specified sc-element, then method will throw `utils::ExceptionInvalidState`. | -| SetElementSubtype | - | + | - | If user hasn't permissions to update specified sc-element sc-type, then method will throw `utils::ExceptionInvalidState`. | -| GetEdgeInfo, GetEdgeSource, GetEdgeTarget | + | - | - | If user hasn't permissions to read specified sc-connector or its incident sc-elements, then method will throw `utils::ExceptionInvalidState`. | -| ScIterator3, ScIterator5, ForEachIter3, ForEachIter5 | + | - | - | If user hasn't permissions to read some sc-connectors from or to specified sc-element, then method won't return this sc-connectors to user: method `ScIterator::Next` will skip this sc-connectors. If user has permissions to read sc-connector from or to specified sc-element, but he hasn't permissions to read other incident sc-elements, then method `ScIterator::Get` will throw `utils::ExceptionInvalidState`, if user tries to get such permitted sc-element by index in found sc-construction. Methods `ForEachIter3` and `ForEachIter5` will return empty sc-address in such case. | -| EraseElement | - | - | + | If user hasn't permissions to erase specified sc-element, then method will return `SC_FALSE`. | -| SetLinkContent | - | + | + | If user hasn't permissions to change (erase and write) content for specified sc-link, then method will throw `utils::ExceptionInvalidState`. | -| GetLinkContent | + | - | - | If user hasn't permissions to read specified sc-link by specified content, then method will throw `utils::ExceptionInvalidState`. | -| FindLinksByContent, FindLinksByContentSubstring | + | - | - | If user hasn't permissions to read some sc-links that have specified content, then method won't return this sc-links. | - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
ScMemoryContext API methodRGELogic if user hasn't required permissions to perform method
CreateNode, CreateLink---These methods don't require any permissions for users.
CreateEdge-+-If user hasn't permissions to add sc-connector from specified begin sc-element or to specified end sc-element, then method will throw utils::ExceptionInvalidState.
IsElement+--If user hasn't permissions to read specified sc-element, then method will throw utils::ExceptionInvalidState.
GetElementType+--If user hasn't permissions to read specified sc-element, then method will throw utils::ExceptionInvalidState.
SetElementSubtype-+-If user hasn't permissions to update specified sc-element sc-type, then method will throw utils::ExceptionInvalidState.
GetEdgeInfo, GetEdgeSource, GetEdgeTarget+--If user hasn't permissions to read specified sc-connector or its incident sc-elements, then method will throw utils::ExceptionInvalidState.
ScIterator3, ScIterator5, ForEachIter3, ForEachIter5+--If user hasn't permissions to read some sc-connectors from or to specified sc-element, then method won't return these sc-connectors to user: method ScIterator::Next will skip these sc-connectors. If user has permissions to read sc-connector from or to specified sc-element, but he hasn't permissions to read other incident sc-elements, then method ScIterator::Get will throw utils::ExceptionInvalidState if user tries to get such permitted sc-element by index in found sc-construction. Methods ForEachIter3 and ForEachIter5 will return empty sc-address in such case.
EraseElement--+If user hasn't permissions to erase specified sc-element, then method will return SC_FALSE.
SetLinkContent-++If user hasn't permissions to change (erase and write) content for specified sc-link, then method will throw utils::ExceptionInvalidState.
GetLinkContent+--If user hasn't permissions to read specified sc-link by specified content, then method will throw utils::ExceptionInvalidState.
FindLinksByContent, FindLinksByContentSubstring+--If user hasn't permissions to read some sc-links that have specified content, then method won't return these sc-links.
Depending on where the user can perform actions in the knowledge base, their permissions are divided into global and local permissions: -- global permissions is permissions over entire knowledge base; -- local permissions is permissions in some part (sc-structure) of knowledge base. + +* global permissions is permissions over entire knowledge base; +* local permissions is permissions in some part (sc-structure) of knowledge base. Permissions can be set on a specific user or group (set or class) of users. All permissions can be represented as connections between users, action classes and sc-structures: -| Permissions class | System identifier of relation sc-node for concrete user | Description | -|--------------------|---------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------------------| -| Global permissions | `nrel_user_action_class` | Binary relation between concrete user and action class | -| Local permissions | `nrel_user_action_class_within_sc_structure` | Ternary relation between concrete user and action class with sc-structure where actions of specified class can be performed by this user | - - -| Permissions class | System identifier of relation sc-node for users set | Description | -|--------------------|-----------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------| -| Global permissions | `nrel_users_set_action_class` | Binary relation between users set and action class | -| Local permissions | `nrel_users_set_action_class_within_sc_structure` | Ternary relation between users set and action class with sc-structure where actions of specified class can be performed by this one of users | + + + + + + + + + + + + + + + + + + + + +
Permissions classSystem identifier of relation sc-node for concrete userDescription
Global permissionsnrel_user_action_classBinary relation between concrete user and action class
Local permissionsnrel_user_action_class_within_sc_structureTernary relation between concrete user and action class with sc-structure where actions of specified class can be performed by this user
+ + + + + + + + + + + + + + + + + + + + +
Permissions classSystem identifier of relation sc-node for users setDescription
Global permissionsnrel_users_set_action_classBinary relation between users set and action class
Local permissionsnrel_users_set_action_class_within_sc_structureTernary relation between users set and action class with sc-structure where actions of specified class can be performed by this one of users
Examples of global and local read permissions for user and users set: @@ -211,14 +360,61 @@ nrel_users_set_action_class_within_sc_structure Both global and local permissions can be described for the same user. It is important to know the logic of how they work together. For example, concrete user wants to handle some sc-construction. There may be several cases: -| Case | Does specified sc-construction belong to any permitted sc-structure? | Does user have global permissions? | Does user have local permissions? | Can user handle the specified sc-construction? | -|------|-------------------------------------------------------------------------------------------------------------------------------------------------------|---------------------------------------|---------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| 1 | No, it doesn't. | No, he doesn't. | No, he doesn't. | No, he doesn't. | -| 2 | No, it doesn't. | Yes. He has global write permissions. | No, he doesn't. | Yes. He can only add sc-elements into the specified sc-construction, because he has global write permissions. | -| 3 | Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure. | No, he doesn't. | No, he doesn't. | No, he doesn't. | -| 4 | Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure. | Yes. He has global read permissions. | No, he doesn't. | No, he doesn't. The user hasn't local permissions for the specified sc-structure. But he can read any sc-constructions in knowledge base, which doesn't have permitted sc-structures. | -| 5 | Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure. | No, he doesn't. | Yes. He has local write permissions for the specified sc-structure. | Yes. The user can only add sc-elements into the specified sc-structure. But he can't handle any sc-constructions in knowledge base other than the given one. | -| 6 | Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure. | Yes. He has global write permissions. | Yes. He has local write permissions for the specified sc-structure. | Yes. The user can add sc-elements into the specified sc-structure. And he can add sc-element into any sc-constructions in knowledge base other than the given one. | + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +
CaseDoes specified sc-construction belong to any permitted sc-structure?Does user have global permissions?Does user have local permissions?Can user handle the specified sc-construction?
1No, it doesn't.No, he doesn't.No, he doesn't.No, he doesn't.
2No, it doesn't.Yes. He has global write permissions.No, he doesn't.Yes. He can only add sc-elements into the specified sc-construction, because he has global write permissions.
3Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure.No, he doesn't.No, he doesn't.No, he doesn't.
4Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure.Yes. He has global read permissions.No, he doesn't.No, he doesn't. The user hasn't local permissions for the specified sc-structure. But he can read any sc-constructions in knowledge base, which doesn't have permitted sc-structures.
5Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure.No, he doesn't.Yes. He has local write permissions for the specified sc-structure.Yes. The user can only add sc-elements into the specified sc-structure. But he can't handle any sc-constructions in knowledge base other than the given one.
6Yes. The sc-construction is in a sc-structure that indicates that certain permissions are required. Some users have permissions to this sc-structure.Yes. He has global write permissions.Yes. He has local write permissions for the specified sc-structure.Yes. The user can add sc-elements into the specified sc-structure. And he can add sc-element into any sc-constructions in knowledge base other than the given one.
## **Frequently Asked Questions**