Open chicco785 opened 2 years ago
Is your feature request related to a problem? Please describe.
Currently, by implementing the WAC standard profile, anubis supports only RBAC. While not formalized, the specs discuss the possibility to use ODRL to express obligations required to be met by agents prior to accessing a resource cf. authorization-extensions section in WAC spec
We could define the extension as
oc-acl:constraint a rdf:Property; :comment "The information resource to which access is being granted."; :domain acl:Authorization; :label "Has Constraint"@en; rdfs:range [ a owl:Class ; owl:unionOf ( odrl:Constraint odrl:LogicalConstraint ) ; ] .
to allow acl rules to have constraints.
oc-acl:constraint [ odrl:leftOperand ? ; odrl:operator odrl:isA ; odrl:rightOperand ? ]
Describe the solution you'd like A clear and concise description of what you want to happen.
Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.
Additional context Add any other context or screenshots about the feature request here.
the language is documented in https://github.com/orchestracities/anubis-vocabulary
we need to decide in a next release how to implement this in the backend
Is your feature request related to a problem? Please describe.
Currently, by implementing the WAC standard profile, anubis supports only RBAC. While not formalized, the specs discuss the possibility to use ODRL to express obligations required to be met by agents prior to accessing a resource cf. authorization-extensions section in WAC spec
We could define the extension as
to allow acl rules to have constraints.
Describe the solution you'd like A clear and concise description of what you want to happen.
Describe alternatives you've considered A clear and concise description of any alternative solutions or features you've considered.
Additional context Add any other context or screenshots about the feature request here.