Repository Bootstrapping
Introduction
When the repository service starts, a bootstrapping system will create default folders and groups that effect how Entities without parents are treated by default.
Default Groups
The bootstrap system will create two distinct default groups that will always exist:
- AUTHENTICATED_USERS - All users except ANONYMOUS belong to this group. Therefore it represents any user that has been authenticated.
- PUBLIC - This is the only group that ANONYMOUS belongs too. Therefore, adding this group to an ACL will grant permission to ANONYMOUS users. All authenticated users also belong to this group.
These two groups replace the deprecated ambiguous group:
@Deprecated PUBLIC_GROUP_NAME = "Identified Users"
Default Folders
The bootstrap system will also create three folders upon start-up of the repository system, each with a special ACL. In addition, any child added to one of these folders will automatically have one of the following ACL schemes applied to it:
- GRANT_CREATOR_ALL - For this scheme the child entity will be given an ACL which grants the creator (the user that created the entity) all permissions. This will give the creator full control of the entity but it will be private (no other user can see it).
- INHERIT_FROM_PARENT - For this scheme the child entity will not have its own ACL, rather it will inherit the ACL of its parent.
Here are the default folders
- /root
- ACL:
- AUTHENTICATED_USERS
- CREATE
- AUTHENTICATED_USERS
- Default ACL scheme for children: GRANT_CREATOR_ALL
- ACL:
- /root/eulas
- ACL:
- PUBLIC:
- READ
- AUTHENTICATED_USERS:
- CREATE
- READ
- PUBLIC:
- Default ACL scheme for children: INHERIT_FROM_PARENT
- ACL:
- /root/agreements
- ACL:
- PUBLIC:
- READ
- AUTHENTICATED_USERS:
- CREATE
- READ
- PUBLIC:
- Default ACL scheme for children: INHERIT_FROM_PARENT
- ACL:
Default Folders for each Entity type
When an entity is created without a parent (parentId=null), it will automatically be assigned to one of the bootstrapped folders depending on the type of the entity. These are the default folders for each type:
- project - default to /root
- folder - default to /root
- eula -default to /root/eulas
- agreements - default to /root/agreements
All other entity types must have a parent of the correct type assigned at creation time and will have the INHERIT_FROM_PARENT ACL scheme :
- dataset - can be assigned to a project.
- layer - can be assigned to a dataset
- location - can be assigned to a dataset or a layer
- preview - can be assigned to a layer