Default policies
A set of policies can also be set up to be created upon the creation of
a Tenant through a file, which represents a series of default policies for the
root servicepath /
. The file is turtle (ttl) format, representing an RDF
graph.
See this example.
@prefix acl: <http://www.w3.org/ns/auth/acl#> .
@prefix oc-acl: <http://voc.orchestracities.io/oc-acl#> .
@prefix tenant: <https://tenant.url/> .
tenant:policy1 a acl:Authorization ;
acl:agentClass acl:agentClass:Admin ;
acl:default </> ;
acl:accessToClass <entity> ;
acl:mode acl:Control .
tenant:policy2 a acl:Authorization ;
acl:agentClass acl:AuthenticatedAgent ;
acl:default </> ;
acl:accessToClass oc-acl:entity> ;
acl:mode acl:Read .
tenant:policy3 a acl:Authorization ;
acl:agentClass acl:agentClass:Admin ;
acl:default </> ;
acl:accessToClass oc-acl:policy ;
acl:mode acl:Control .
acl:default
indicates that the policies is valid for all resources
contained in the default servicePath /
.
The path to this file can be set using the
DEFAULT_POLICIES_CONFIG_FILE
environment variable.
See Policies for defining new policies dynamically.