On 1/18/2011 5:27 PM, Michael McIntosh wrote:
> Are there any samples showing how the Graph Access Controls are supposed
> to work?
There are examples of various aspects of using the Anzo API in the
org.openanzo.client.sample project. They are Java examples but almost
all of the concepts translate directly to the Anzo JavaScript API. See
http://svn.openanzo.org/svn/openanzo/openanzo/trunk/org.openanzo.client.sample/
However, the example for access control there isn't very deep. I've
attached an example that goes into more detail to demonstrate and
explain the access control system. The biggest differences when doing a
similar example in JavaScript are the constants such as the
EVERYONE_ROLE, canBeReadBy predicate, etc. Also, in JavaScript many of
the methods used in the example are asynchronous and you'll need to
supply callbacks.
One gotcha that you may possibly be running into is that, in Anzo, you
can configure any user as a 'sysadmin'. If the user is in the group that
denotes them as a sysadmin, then they can do anything they want to any
graph in Anzo. This is sort of like the unix 'root' idea. In the default
configuration for users that is included with Open Anzo, many of the
users there are marked as sysadmins. The only two that aren't are:
'default' and 'defaultNoRights'. If you are using some of the others
like 'tom', 'melissa', etc. you wouldn't see any effect from the access
control statements, since they always have full access no matter what.
> Is the implementation dependent on the DB used?
No. The access control behavior is completely independent of the DB used.
--
Jordi Albornoz Mulligan
Founding Engineer - Cambridge Semantics
jo...@cambridgesemantics.com
(617) 401-7321
--
You received this message because you are currently subscribed to the "OpenAnzo" group.
To post to this group, send email to open...@googlegroups.com
To unsubscribe from this group, send email to openanzo-u...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/openanzo?hl=en