Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add an access scoping example #54

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
18 changes: 15 additions & 3 deletions cti-spec/SPEC.md
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ This document provides a specification for **Cross-domain Typed Identifiers (CTI
- [Extensible object types through type inheritance](#extensible-object-types-through-type-inheritance)
- [Controlling the type behavior](#controlling-the-type-behavior)
- [Expressing a relationship without an intermediate mapping](#expressing-a-relationship-without-an-intermediate-mapping)
- [Access scoping](#access-scoping)
- [Types and instances definition with RAMLx 1.0](#types-and-instances-definition-with-ramlx-10)
- [Typed annotations](#typed-annotations)
- [User-defined facets](#user-defined-facets)
Expand Down Expand Up @@ -124,7 +125,7 @@ associated with this identifier.
### Query language

> [!IMPORTANT]
> Attribute query may not serve as an identifier of a type or instance.
> CTI containing a query may not serve as an identifier of a type or instance.

Query language, similar to XPath language, allows the developers to narrow scope by specific attributes. Query syntax can be applied to a CTI by appending a list of attribute name and attribute value parameters in square brackets. For example: `<cti>[ <attribute name>="<attribute value>", <attribute name2>="<attribute value>", ... ]`.

Expand All @@ -140,7 +141,7 @@ It's possible to filter by multiple query parameters:
### Attribute query

> [!IMPORTANT]
> Attribute query may not serve as an identifier of a type or instance.
> CTI containing an attribute query may not serve as an identifier of a type or instance.

Similar to JSONPath dot notation, CTI provides the attribute selector that allows the developers to get an attribute value of the CTI instance. Attribute selector can be applied to a CTI that is bound to an instance by appending the `@` to the identifier and specifying a property path. For example: `<cti>@<root_attr_name>.<nested_attr_name>`.

Expand All @@ -157,7 +158,7 @@ Nested attributes also can be accessed within the instance's structure. For exam
The specification provides several means to match and collect identifiers.

> [!IMPORTANT]
> The following notations may not serve as identifiers of a type or instance.
> CTIs containing the following notations may not serve as identifiers of a type or instance.

#### Using wildcard

Expand Down Expand Up @@ -587,6 +588,17 @@ traits:
topic_id: cti.a.p.topic.v1.0~a.p.user.v1.0
```

### Access scoping

With the query language and CTI collection syntax, it is possible to grant access to a specific CTI entity or a list of CTIs
that an identity may have access to. The following table shows of claims and their scope of access:

| **Claim example** | **Description** |
|------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------|
| cti.a.p.am.alert.v1.0~vendor.pkg.* | Access to all alerts of types introduced by **vendor.pkg** package and **all** its sub-packages and sub-vendors. |
| cti.a.p.am.alert.v1.0~vendor.pkg.alert.v1.0 | Access to the alert introduced by **vendor.pkg** package. |
| cti.a.p.am.alert.v1.0[ category="cti.a.p.category.v1.0~vendor.pkg.category.v1.0" ] | Access to all alerts in a category introduced by **vendor.pkg** package. |

## Types and instances definition with RAMLx 1.0

To express CTI semantics and describe domain object types and define static object instances, CTI uses RAMLx 1.0, an extension of [RAML 1.0](https://github.com/raml-org/raml-spec/blob/master/versions/raml-10/raml-10.md/).
Expand Down