From 5500084e800db59f15db94b660ac81a8371fc062 Mon Sep 17 00:00:00 2001 From: Max Novelli Date: Thu, 2 Nov 2023 17:24:05 +0100 Subject: [PATCH] fixed type and added mapping between authorization and data conditions --- .../authorization/authorization_datasets.md | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/Development/v4.x/backend/authorization/authorization_datasets.md b/Development/v4.x/backend/authorization/authorization_datasets.md index 08786d97..23fa3312 100644 --- a/Development/v4.x/backend/authorization/authorization_datasets.md +++ b/Development/v4.x/backend/authorization/authorization_datasets.md @@ -66,6 +66,21 @@ This is the list of the permissions methods available for datasets and all their - DatasetLogbookReadOwner - DatasetLogbookReadAny +### Implementation +How the different level of authorization translates in data condition applied byt he backend. +- _*_ Public + - isPublished = true +- _*_ Access (condition ar applied in logical _or_) + - isPublished = true + - ownerGroup is one of the groups that the user belongs + - accessGroups are one of the groups that the user belongs + - sharedWith contains the user's email +- _*_ Owner + - ownerGroup is one of the groups that the user belongs +- _*_ Any + - User can perform the action to any dataset + + ### Priority ```mermaid %%{init: {'theme' : 'base', 'themeVariables': { 'fontSize': '11px', 'fontFamily' : 'monospace'}}}%% @@ -84,7 +99,7 @@ graph LR; DatasetUpdate-->DatasetUpdateOwner; DatasetUpdateOwner-->DatasetUpdateAny; DatasetDelete-->DatasetDeleteOwner; - DatasetDeleteOwner-->DatasetDelteAny; + DatasetDeleteOwner-->DatasetDeleteAny; ``` ### Authorization table
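Review bot: the new Implementation section has wording errors in the lines that define the access conditions, and they should be fixed before merge: "How the different level of authorization translates in data condition applied byt he backend" should read "How the different levels of authorization translate into the data conditions applied by the backend", and "condition ar applied" should be "conditions are applied". The Access bullet "accessGroups are one of the groups that the user belongs" is ambiguous for a multi-valued field; something like "accessGroups contains at least one of the groups the user belongs to" states the test precisely, and the ownerGroup bullets need the trailing "to" as well. Because this section documents what the backend filters on, it should also say how these conditions combine with any filter the request itself supplies, since the text only states the logical or within the Access level. Formatting: add a blank line between `### Implementation` and the first sentence and between that sentence and the list, and leave a single blank line before `### Priority` instead of two.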
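Review bot: in the second hunk, the correction on the `DatasetDeleteOwner-->DatasetDeleteAny;` edge covers only this one occurrence of the misspelled `DatasetDelteAny`. Please search the rest of authorization_datasets.md, in particular the permission list above and the Authorization table that follows the graph, for the old spelling so the permission name is consistent everywhere a reader might copy it from. The commit subject says "fixed type", which presumably means "typo"; worth amending so the history is searchable.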