These permissions can be adapted afterwards. User needs create right on project resource, see createProject().
This function is **only for use by TG-crud**. Clients should call TG-crud#create() instead.
* Input Parameters registerResorceRequest, with elements
* auth - String, SessionID of future owner of this resource
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* project - String with project ID, such as "TGPR123"
* uri - String holding URI of TgObject resource to be registered in RBAC
* Output Parameters operationsSetResponse, with element
* operation (0..n) Strings with permissible operations on the newly created resource
* Faults
* authenticationFault
* rbacFault - if resource could not be registered successfully
unregisterResource
------------------
Removes resource from database. User needs delete right on resource. **Only for use by TG-crud**. Clients should call TG-crud#delete() instead.
* Input Parameters unregisterResourceRequest, with elements
* auth - String, SessionID of requester
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* uri - String holding URI of TgObject resource to be removed from RBAC
* Output Parameters booleanResponse, with element
* result - boolean, true if operation was successful, false otherwise
* Faults
* unknownResourceFault
* authenticationFault
tgCrudCheckAccess
-----------------
Returns access decision for given operation on given resource for session. In addition the owner of the session and informations on the project is returned. **Only for use by TG-crud**.
* Input Parameters tgCrudCheckAccessRequest, with elements
* auth - String, SessionID of user (or service) that wants to intitiate the check
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* sid - String, SessionID of user for whom the check is to be done. Leave empty if check is to be done for user's own session given under **auth**
* operation - String, such as "read", "write"
* resource - String, name of project or role, or URI of TgObject resource
* Output Parameters tgCrudCheckAccessResponse, with elements
* public
* project
* username
* operation
* Faults
* unknownResourceFault
putCRT
------
Puts the signed Certificate into the RBAC's accompanying daemon that holds the key.
* Input Parameters putCRTRequest, with elements
* auth - String, SessionID of user
* log - String for log information, optional
* crt - the Certificate as a String
* Output Parameters putCRTResponse, with element
* success, Boolean
* Faults
* authenticationFault
* unknownResourceFault
getEPPN
-------
Returns ePPN (aka TextGrid ID) of authenticated user. As this function could be used for SID guessing, the caller must know a secret.
* Input Parameters getEPPNRequest, with elements
* auth - String, SessionID of user that wants to query his ePPN
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* Output Parameters getEPPNResponse, with element
* eppn - String, ePPN of user
* Faults
* authenticationFault
getUUID
-------
Returns UUID (full path including server address) of the resource. User must have read permission on the resource, or resource must be public.
* Input Parameters getUUIDRequest, with elements
* auth - String, SessionID of user that wants to query for the UUID
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* resource - String, URI of TgObject
* Output Parameters getUUIDResponse, with element
* uuid - String, UUID if defined
* Faults
* authenticationFault
publish
-------
Sets the isPublic flag of a TextGridObject identified by its URI to TRUE. The resource will then be world-readable. This is irreversible (only by manual modification of the database) and needs the publish right, which by default is granted to project leaders.
* Input Parameters publishRequest, with elements
* auth - String, SessionID of user that wants publish
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* resource - String, URI of TgObject
* Output Parameters booleanResponse, with element
* result - boolean, true if operation was successful, false otherwise
* Faults
* authenticationFault
getSLC
------
CRUD may use this to retrieve a Short-Lived Certificate Key pair in PEM format for the user.
* Input Parameters getSLCRequest, with elements
* auth - String, SessionID of user
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* Output Parameters getSLCResponse, with element
* slc - Base64binary String with the key pair. Contains only printable ASCII Character.
* Faults
* authenticationFault
* unknownResourceFault
nearlyPublish
-------------
* Input Parameters nearlyPublishRequest, with elements
* auth - String, SessionID of user
* log - String for log information, optional
* secret - String known by TG-crud to authenticate itself
* resource - String, URI of TgObject
* Output Parameters booleanResponse, with element
* result - boolean, true if operation was successful, false otherwise
* Faults
* authenticationFault
* unknownResourceFault
getCSR
------
The Portal may use this to retrieve a Dummy Certificate Signing Request (CSR) in PEM format, for which the RBAC's accompanying daemon will hold the real key.
* Input Parameters getCSRRequest, with elements
* auth - String, SessionID of user
* log - String for log information, optional
* Output Parameters getCSRResponse, with element
* csr - Base64binary String with the CSR. Contains only printable ASCII Character
