diff --git a/info.textgrid.middleware.tgauth.rbac/rbacSoap/wsdl-8082/tgextra.wsdl b/info.textgrid.middleware.tgauth.rbac/rbacSoap/wsdl-8082/tgextra.wsdl
index 619703b3a118b766b7a87e4ae6fb14afb1a59387..d8ab7b4266a438be75451c053878a5548e814120 100644
--- a/info.textgrid.middleware.tgauth.rbac/rbacSoap/wsdl-8082/tgextra.wsdl
+++ b/info.textgrid.middleware.tgauth.rbac/rbacSoap/wsdl-8082/tgextra.wsdl
@@ -726,6 +726,30 @@
<!-- #### authenticate #### //-->
<wsdl:operation name="authenticate">
+ <wsdl:documentation>
+ Internal function used by applications to identify themselves
+ (via shared secret between RBAC and WebAuth).
+ <ul>
+ <li><b>Input Parameters</b> authenticateRequest, with elements
+ <ul>
+ <li>username - String with name of application</li>
+ <li>password - String with password for this application</li>
+ <li>log - String for log information, optional</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> authenticateResponse, with element
+ <ul>
+ <li>auth - String, SessionID of authenticated application
+ (See getSid() for format.)</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
<wsdl:input message="tns:authenticateRequest" />
<wsdl:output message="tns:authenticateResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -733,6 +757,31 @@
<!-- #### userExists #### //-->
<wsdl:operation name="userExists">
+
+ <wsdl:documentation>
+ Checks whether this UserID (eduPersonPrincipalName) exists in RBAC.
+ <ul>
+ <li><b>Input Parameters</b> userExistsRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of application or user asking</li>
+ <li>log - String for log information, optional</li>
+ <li>username - String containing the ID (ePPN) of the user</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if user exists, false
+ otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:userExistsRequest" />
<wsdl:output message="tns:userExistsResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -740,12 +789,78 @@
<!-- #### createProject #### //-->
<wsdl:operation name="createProject">
+
+ <wsdl:documentation>
+ Creates a project. Projects are roles with various sub-roles,
+ i.e Leader, Administrator... Creates default roles with
+ default permissions:
+ <table>
+ <tr><td>Role</td> <td>Right on Project</td></tr>
+ <tr><td>Projektleiter (project leader)</td><td>delegate</td></tr>
+ <tr><td>Administrator</td><td>-none-</td></tr>
+ <tr><td>Bearbeiter (editor)</td><td>create</td></tr>
+ <tr><td>Beobachter (observer)</td><td>-none-</td></tr>
+ </table>
+ These permissions can be adapted afterwards. For the rights
+ on resources, see registerResource().
+ <ul>
+ <li><b>Input Parameters</b> createProjectRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of future project
+ leader</li>
+ <li>log - String for log information, optional</li>
+ <li>name - String with name of project</li>
+ <li>description - String with description of
+ project</li>
+ <li>file - String with URI of project file
+ - <em>currently unused, omit or leave empty and use
+ setProjectFile( ) once the file resource has been
+ created</em></li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> createProjectResponse, with element
+ <ul>
+ <li>projectId - String with the newly assigned project
+ ID, such as "TGPR123"</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:createProjectRequest" />
<wsdl:output message="tns:createProjectResponse" />
</wsdl:operation>
<!-- #### setProjectFile #### //-->
<wsdl:operation name="setProjectFile">
+
+ <wsdl:documentation>
+ Registers the URI of a TextGridObject to be the project file
+ for project-specific settings. The URI must be registered at
+ RBAC.
+ <ul>
+ <li><b>Input Parameters</b> setProjectFileRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of Project Leader</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String with projectID</li>
+ <li>file - String with URI of project file</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:setProjectFileRequest" />
<wsdl:output message="tns:setProjectFileResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -753,12 +868,64 @@
<!-- #### getObjects #### //-->
<wsdl:operation name="getObjects">
+
+ <wsdl:documentation>
+ Returns URIs of all resources in project. Caller must have
+ some role in the project.
+ <ul>
+ <li><b>Input Parameters</b> getObjectsRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String with projectID</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> resourcesetResponse, with element
+ <ul>
+ <li>resource - String with URI of resource in
+ project. Can occur multiple times</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getObjectsRequest" />
<wsdl:output message="tns:getObjectsResponse" />
</wsdl:operation>
<!-- #### addMember #### //-->
<wsdl:operation name="addMember">
+
+ <wsdl:documentation>
+ Project leaders can assign users into specific roles. This
+ still does not effect <em>activation</em> of the role in the
+ user(s)' session(s).
+ <ul>
+ <li><b>Input Parameters</b> addMemberRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of project leader</li>
+ <li>log - String for log information, optional</li>
+ <li>username - String with ePPN of user to be added</li>
+ <li>role - String with full-qualified role name of the
+ role the user is to be signed into. The full-qualified
+ role name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer"</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>rbacFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:addMemberRequest" />
<wsdl:output message="tns:addMemberResponse" />
<wsdl:fault name="rbacFault" message="tns:rbacFault" />
@@ -766,54 +933,316 @@
<!-- #### deleteMember #### //-->
<wsdl:operation name="deleteMember">
+ <wsdl:documentation>
+ Project leaders can delete a role from a user. This
+ still does not effect <em>(de-)activation</em> of the role in the
+ user(s)' session(s).
+ <ul>
+ <li><b>Input Parameters</b> deleteMemberRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of project leader</li>
+ <li>log - String for log information, optional</li>
+ <li>username - String with ePPN of user to be signed off</li>
+ <li>role - String with full-qualified role name of the
+ role the user is to be signed off. The full-qualified
+ role name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer"</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:deleteMemberRequest" />
<wsdl:output message="tns:deleteMemberResponse" />
</wsdl:operation>
<!-- #### tgAddActiveRole #### //-->
<wsdl:operation name="tgAddActiveRole">
+
+ <wsdl:documentation>
+ Activates a role for a session. NB, currently the login
+ process activates <em>all</em> available roles of the user.
+ <ul>
+ <li><b>Input Parameters</b> tgAddActiveRoleRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user</li>
+ <li>log - String for log information, optional</li>
+ <li>role - String with full-qualified role name of the
+ role the user wants to activate. The full-qualified role
+ name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer".</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgAddActiveRoleRequest" />
<wsdl:output message="tns:tgAddActiveRoleResponse" />
</wsdl:operation>
<!-- #### tgDropActiveRole #### //-->
<wsdl:operation name="tgDropActiveRole">
+
+ <wsdl:documentation>
+ De-activates a role for a session.
+ <ul>
+ <li><b>Input Parameters</b> tgDropActiveRoleRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user</li>
+ <li>log - String for log information, optional</li>
+ <li>role - String with full-qualified role name of the
+ role the user wants to de-activate. The full-qualified role
+ name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer".</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgDropActiveRoleRequest" />
<wsdl:output message="tns:tgDropActiveRoleResponse" />
</wsdl:operation>
<!-- #### tgCheckAccess #### //-->
<wsdl:operation name="tgCheckAccess">
+
+ <wsdl:documentation>
+ Returns access decision for given operation on given resource
+ for session.
+ <ul>
+ <li><b>Input Parameters</b> tgCheckAccessRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user (or service) that
+ wants to intitiate the check</li>
+ <li>log - String for log information, optional</li>
+ <li>sid - String, SessionID of user for whom the check
+ is to be done. Leave empty if check is to be done for
+ user's own session given under <em>auth</em></li>
+ <li>operation - String, such as "read", "write"</li>
+ <li>resource - String, name of project or role, or URI of
+ TgObject resource</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgCheckAccessRequest" />
<wsdl:output message="tns:tgCheckAccessResponse" />
</wsdl:operation>
<!-- #### tgAssignedRoles #### //-->
<wsdl:operation name="tgAssignedRoles">
+
+ <wsdl:documentation>
+ Returns the roles the requesting user has, in any project. Can
+ be called for another user by project leaders, then roles will
+ be limited to the intersection of those projects
+ where <em>auth</em> is leader AND <em>username</em> has some
+ role in.
+ <ul>
+ <li><b>Input Parameters</b> tgAssignedRolesRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to
+ query for roles</li>
+ <li>log - String for log information, optional</li>
+ <li>username - String, ePPN of user for whom the
+ query is to be done. Can be empty.</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> rolesetResponse, with element
+ <ul>
+ <li>role - String with full-qualified role name of the
+ role. The full-qualified role name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer". Can occur
+ multiple times.</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgAssignedRolesRequest" />
<wsdl:output message="tns:tgAssignedRolesResponse" />
</wsdl:operation>
<!-- #### tgAssignedProjects #### //-->
<wsdl:operation name="tgAssignedProjects">
+
+ <wsdl:documentation>
+ Returns projectIDs of all projects the user has some role in.
+ <ul>
+ <li><b>Input Parameters</b> tgAssignedProjectsRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to
+ query for roles</li>
+ <li>log - String for log information, optional</li>
+ <li>level - Integer. Can be either empty (= level 0) or one of
+ the following:
+ <ul>
+ <li>0 - Returns all projects the user has any
+ role in (default).</li>
+ <li>1 - Returns only projects where the user has
+ read access, i.e. <ul><li>she is Beobachter
+ (observer) or</li><li>she is Bearbeiter (editor)
+ or</li><li>there are any public resources in the
+ project</li></ul></li>
+ <li>2 - like level 1, but public resources do not
+ count</li>
+ <li>3 - Returns only projects where the user has
+ write access, i.e. she is Bearbeiter (editor)</li>
+ <li>4 - Returns only projects where the user has
+ delegate access, i.e. she is Projektleiter (project
+ leader)</li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> rolesetResponse, with element
+ <ul>
+ <li>role - String with projectID (no full-qualified role
+ name is needed here). Can occur multiple times.</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgAssignedProjectsRequest" />
<wsdl:output message="tns:tgAssignedProjectsResponse" />
</wsdl:operation>
<!-- #### getAllProjects #### //-->
<wsdl:operation name="getAllProjects">
+
+ <wsdl:documentation>
+ Returns all projects stored in this RBAC instance with ID,
+ name, and description. See also getProjectDescription().
+ <ul>
+ <li><b>Input Parameters</b> getAllProjectsRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to query
+ for projects. Can be omitted as this information can be
+ reviewed publicly</li>
+ <li>log - String for log information, optional</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> getAllProjectsResponse, with element
+ <ul>
+ <li>project - projectInfo, can occur multiple
+ times. <br/>
+ The type projectInfo consists of the following elements:
+ <ul>
+ <li>id - String, project ID, such as "TGPR123"</li>
+ <li>description - String, project description</li>
+ <li>name - String, project name</li>
+ <li>file - String with URI of project file for
+ project-specific settings. </li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getAllProjectsRequest" />
<wsdl:output message="tns:getAllProjectsResponse" />
</wsdl:operation>
<!-- #### getLeader #### //-->
<wsdl:operation name="getLeader">
+
+ <wsdl:documentation>
+ Returns Project Leader/s (i.e. who have delegate right on the
+ respective project resource).
+ <ul>
+ <li><b>Input Parameters</b> getLeaderRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to query
+ for projects. Can be omitted as this information can be
+ reviewed publicly</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String with project ID, such as "TGPR123"</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> usersetResponse, with element
+ <ul>
+ <li>username - String holding ePPN of user, can occur
+ multiple times.
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getLeaderRequest" />
<wsdl:output message="tns:getLeaderResponse" />
</wsdl:operation>
<!-- #### registerResource #### //-->
<wsdl:operation name="registerResource">
+
+ <wsdl:documentation>
+ Registers a resource in the database. Assigns standard
+ permissions to roles in project:
+ <table>
+ <tr><td>Role</td> <td>Right on Resource</td></tr>
+ <tr><td>Projektleiter (project leader)</td><td>delegate, publish</td></tr>
+ <tr><td>Administrator</td><td>delete</td></tr>
+ <tr><td>Bearbeiter (editor)</td><td>read, write</td></tr>
+ <tr><td>Beobachter (observer)</td><td>read</td></tr>
+ </table>
+ These permissions can be adapted afterwards. User needs
+ create right on project resource, see createProject().<br/>
+ This function is <b>only for use by TG-crud.</b> Clients
+ should call TG-crud.create instead.
+ <ul>
+ <li><b>Input Parameters</b> registerResourceRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of future owner of this resource</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String with project ID, such as "TGPR123".</li>
+ <li>uri - String holding URI of TgObject resource to be
+ registered in RBAC</li>
+ <li>secret - String known by TG-crud to authenticate
+ itself</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:registerResourceRequest" />
<wsdl:output message="tns:registerResourceResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -821,6 +1250,37 @@
<!-- #### unregisterResource #### //-->
<wsdl:operation name="unregisterResource">
+
+ <wsdl:documentation>
+ Removes resource from database. User needs delete right on
+ resource. <b>Only for use by TG-crud.</b> Clients should call
+ TG-crud.delete instead.
+ <ul>
+ <li><b>Input Parameters</b> unregisterResourceRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of requester</li>
+ <li>log - String for log information, optional</li>
+ <li>uri - String holding URI of TgObject resource to be
+ removed from RBAC</li>
+ <li>secret - String known by TG-crud to authenticate
+ itself</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>unknownResourceFault</li>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:unregisterResourceRequest" />
<wsdl:output message="tns:unregisterResourceResponse" />
<wsdl:fault name="unknownResourceFault" message="tns:unknownResourceFault" />
@@ -829,6 +1289,38 @@
<!-- #### filterBySid #### //-->
<wsdl:operation name="filterBySid">
+
+ <wsdl:documentation>
+ This is tgCheckAccess in batch operation: Returns a list of
+ the resources where a given operation with this SessionID is
+ allowed. The resource parameter must contain a list of
+ resources, and the subset of this list that matches
+ will be returned.
+ <ul>
+ <li><b>Input Parameters</b> filterBySidRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to
+ do the check</li>
+ <li>log - String for log information, optional</li>
+ <li>resource - String with projectID, or URI of
+ TgObject resource. Can occur multiple times.</li>
+ <li>operation - String, such as "read", "write"</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> filterResponse, with element
+ <ul>
+ <li>resource - String with projectID, or URIs that
+ match. Can occur multiple times.</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:filterBySidRequest" />
<wsdl:output message="tns:filterBySidResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -836,6 +1328,41 @@
<!-- #### tgGrantPermission #### //-->
<wsdl:operation name="tgGrantPermission">
+
+ <wsdl:documentation>
+ Enables given operation for given role on given
+ resource. Resource may be an URI of a TgObject, or
+ a projectID. Users need delegate right on resource or project
+ (i.e. be project leader).
+ <ul>
+ <li><b>Input Parameters</b> tgGrantPermissionRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user</li>
+ <li>log - String for log information, optional</li>
+ <li>role - String with full-qualified role name of the
+ role the user wants to grant a right. The full-qualified
+ role name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer".</li>
+ <li>operation - String, operation to be granted, such as
+ "read", "write".</li>
+ <li>resource - String, URI of TgObject, or projectID</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ <li>rbacFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgGrantPermissionRequest" />
<wsdl:output message="tns:tgGrantPermissionResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -843,6 +1370,37 @@
<!-- #### tgRevokePermission #### //-->
<wsdl:operation name="tgRevokePermission">
+
+ <wsdl:documentation>
+ Disables this permission, see tgGrantPermission for limitations.
+ <ul>
+ <li><b>Input Parameters</b> tgRevokePermissionRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user</li>
+ <li>log - String for log information, optional</li>
+ <li>role - String with full-qualified role name of the
+ role the user wants to revoke a right. The full-qualified
+ role name has the form
+ "Administrator,TGPR3,Projekt-Teilnehmer".</li>
+ <li>operation - String, operation to be granted, such as
+ "read", "write".</li>
+ <li>resource - String, URI of TgObject, or projectID</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:tgRevokePermissionRequest" />
<wsdl:output message="tns:tgRevokePermissionResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -850,6 +1408,33 @@
<!-- #### getOwner #### //-->
<wsdl:operation name="getOwner">
+
+ <wsdl:documentation>
+ Returns ePPN of owner that was set in registerResource. User
+ must have read permission on the resource, or resource must be
+ public.
+ <ul>
+ <li><b>Input Parameters</b> tgRevokePermissionRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to query
+ for the owner</li>
+ <li>log - String for log information, optional</li>
+ <li>resource - String, URI of TgObject</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> getOwnerResponse, with element
+ <ul>
+ <li>owner - String, ePPN of owner.</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getOwnerRequest" />
<wsdl:output message="tns:getOwnerResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -857,13 +1442,72 @@
<!-- #### getMembers #### //-->
<wsdl:operation name="getMembers">
- <wsdl:input message="tns:getMembersRequest" />
+
+ <wsdl:documentation>
+ Returns ePPNs of all members in the project, caller must be
+ member herself.
+ <ul>
+ <li><b>Input Parameters</b> getMembersRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to query
+ for the owner</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String, ProjectID, such as "TGPR123"</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> usersetResponse, with element
+ <ul>
+ <li>username - String holding ePPN of user, can occur
+ multiple times.
+ </li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
+ <wsdl:input message="tns:getMembersRequest" />
<wsdl:output message="tns:getMembersResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
</wsdl:operation>
<!-- #### getRights #### //-->
<wsdl:operation name="getRights">
+
+ <wsdl:documentation>
+ Returns permissions for given resource or projectID. Can be
+ used by project leaders to check permissions for another
+ project member.
+ <ul>
+ <li><b>Input Parameters</b> getRightsRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to query
+ the rights</li>
+ <li>log - String for log information, optional</li>
+ <li>resource - String, URI of TgObject or ProjectID</li>
+ <li>username - ePPN of user whose rights shall be
+ queried. Leave empty to get rights of user authenticated
+ by the auth parameter.</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> operationsetResponse, with element
+ <ul>
+ <li>operation - String with a right, such as "read" or
+ "delegate". Can occur multiple times.</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getRightsRequest" />
<wsdl:output message="tns:getRightsResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -871,6 +1515,35 @@
<!-- #### publish #### //-->
<wsdl:operation name="publish">
+
+ <wsdl:documentation>
+ Sets the isPublic flag of a TextGridObject identified by its
+ URI to TRUE. The resource will then be world-readable. This is
+ irreversible (only by manual modification of the database) and
+ needs the publish right, which by default is granted to
+ project leaders.
+ <ul>
+ <li><b>Input Parameters</b> publishRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants publish</li>
+ <li>log - String for log information, optional</li>
+ <li>resource - String, URI of TgObject</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:publishRequest" />
<wsdl:output message="tns:publishResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -878,12 +1551,63 @@
<!-- #### isPublic #### //-->
<wsdl:operation name="isPublic">
+
+ <wsdl:documentation>
+ Returns status of isPublic flag for a TextGridObject.
+ <ul>
+ <li><b>Input Parameters</b> isPublicRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants to
+ query. Can be empty.</li>
+ <li>log - String for log information, optional</li>
+ <li>resource - String, URI of TgObject</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if resource has the isPublic
+ flag set to TRUE, i.e. has been published, false
+ otherwise</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:isPublicRequest" />
<wsdl:output message="tns:isPublicResponse" />
</wsdl:operation>
<!-- #### deactivateProject #### //-->
<wsdl:operation name="deactivateProject">
+
+ <wsdl:documentation>
+ Hides a project. User must be project leader of the project to
+ be deactivated. Hidden projects cannot be modified or read
+ anymore (except published resources). However, information is
+ preserved so that the project can be re-activated by manual
+ modification of the database.
+ <ul>
+ <li><b>Input Parameters</b> deactivateProjectRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user that wants publish</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String, ProjectID</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> booleanResponse, with element
+ <ul>
+ <li>result - boolean, true if operation was successful,
+ false otherwise</li>
+ </ul>
+ </li>
+ <li><b>Faults</b>
+ <ul>
+ <li>authenticationFault</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:deactivateProjectRequest" />
<wsdl:output message="tns:deactivateProjectResponse" />
<wsdl:fault name="authenticationFault" message="tns:authenticationFault" />
@@ -891,12 +1615,54 @@
<!-- #### getProjectDescription #### //-->
<wsdl:operation name="getProjectDescription">
+
+ <wsdl:documentation>
+ Returns name and description of project identified by ID. See
+ also getAllProjects().
+ <ul>
+ <li><b>Input Parameters</b> getProjectDescriptionRequest, with elements
+ <ul>
+ <li>auth - String, SessionID of user. Can be empty.</li>
+ <li>log - String for log information, optional</li>
+ <li>project - String, ProjectID</li>
+ </ul>
+ </li>
+ <li><b>Output Parameters</b> getProjectDescriptionResponse, with element
+ <ul>
+ <li>project - projectInfo<br/>
+ The type projectInfo consists of the following elements:
+ <ul>
+ <li>id - String, project ID, such as "TGPR123"</li>
+ <li>description - String, project description</li>
+ <li>name - String, project name</li>
+ <li>file - String with URI of project file for
+ project-specific settings. </li>
+ </ul>
+ </li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:input message="tns:getProjectDescriptionRequest" />
<wsdl:output message="tns:getProjectDescriptionResponse" />
</wsdl:operation>
<!-- #### getSid #### //-->
<wsdl:operation name="getSid">
+
+ <wsdl:documentation>
+ Returns some random SessionID suitable for RBAC.
+ <ul>
+ <li><b>Input Parameters</b> none </li>
+ <li><b>Output Parameters</b> getSidResponse, with element
+ <ul>
+ <li>sid - String, approximately 60-70 bytes long, consisting of random characters taken from a-zA-Z0-9.</li>
+ </ul>
+ </li>
+ </ul>
+ </wsdl:documentation>
+
<wsdl:output message="tns:getSidResponse" />
</wsdl:operation>