fixed type and added mapping between authorization and data conditions

SciCatProject · Nov 2, 2023 · 5500084 · 5500084
1 parent 3212504
commit 5500084
Showing 1 changed file with 16 additions and 1 deletion.
diff --git a/Development/v4.x/backend/authorization/authorization_datasets.md b/Development/v4.x/backend/authorization/authorization_datasets.md
@@ -66,6 +66,21 @@ This is the list of the permissions methods available for datasets and all their
 - DatasetLogbookReadOwner
 - DatasetLogbookReadAny
 
+### Implementation
+How the different level of authorization translates in data condition applied byt he backend.
+- _*_ Public
+  - isPublished = true
+- _*_ Access (condition ar applied in logical _or_)
+  - isPublished = true
+  - ownerGroup is one of the groups that the user belongs
+  - accessGroups are one of the groups that the user belongs
+  - sharedWith contains the user's email
+- _*_ Owner  
+  - ownerGroup is one of the groups that the user belongs
+- _*_ Any  
+  - User can perform the action to any dataset
+
+
 ### Priority
 ```mermaid
 %%{init: {'theme' : 'base', 'themeVariables': { 'fontSize': '11px', 'fontFamily' : 'monospace'}}}%%
@@ -84,7 +99,7 @@ graph LR;
     DatasetUpdate-->DatasetUpdateOwner;
     DatasetUpdateOwner-->DatasetUpdateAny;
     DatasetDelete-->DatasetDeleteOwner;
-    DatasetDeleteOwner-->DatasetDelteAny;
+    DatasetDeleteOwner-->DatasetDeleteAny;
 ```
 
 ### Authorization table