# Access Control - Preparing Resources
This and the following notebooks introduces Access Control Policies and how to work with access control. 

This first notebook will create the necessary resources for the exercises in the following notebooks. 

- Register a first Application Entity : "aeAlice"
- CREATE a \<container> under the \<AE> "aeAlice"
- Register a second Application Entity : "aeBob"


## Intitialization
<div class="alert alert-block alert-info" style="border-radius: 10px;">
The following section imports and initializes necessary functions and configurations. 
It must be executed once for each notebook before running any of cells.</div>

In [None]:
%run ../src/init.py

## Register a first Application Entity : "aeAlice"

Here we register one Application Entity that will represent the first application. It will have the originator *CAlice*.

In [None]:
CREATE (                                  # CREATE request
    target                  = cseRN,      # Create the new <AE> under the CSEBase
    originator              = 'CAlice',   # Request's originator (mandatory)
    requestIdentifier       = '123',      # Request identifier (mandatory)
    releaseVersionIndicator = '3',        # Request's release version indicator (mandatory)
    resourceType            = tyAE,       # The request creates an <AE> resource
    
    # Request Content
    content = {
        'm2m:ae': {
            'rn': 'aeAlice',              # The first resource is named 'aeAlice'
            'api': 'NnbAcp1',             # An arbitrary App-ID
            'rr': False,                  # No need for request reachability
            'srv': [ '3' ]                # Supported release version is 3
        }
    }
)

## CREATE a Container under the \<AE> *aeAlice*

For the exercise we will create a \<container> resource under the \<AE> resource *aeAlice*. 

We will use the Originator the *AE-ID* "CAlice". "CAlice" is the creator of the \<AE> resource  and, without any other access control mechanisms in place, has all access rights for it.

<div class="alert alert-block alert-success" style="border-radius: 10px">
When no other access control mechanism is in place, then the creator of a resource has all access rights to that resource.
</div>

In [None]:
CREATE (                                           # CREATE request
    target                  = f'{cseRN}/aeAlice',  # Create the <container> under aeAlice
    originator              = 'CAlice',            # Request's originator (mandatory)
    requestIdentifier       = '123',               # Request identifier (mandatory)
    releaseVersionIndicator = '3',                 # Request's release version indicator (mandatory)
    resourceType            = tyContainer,         # The request creates an <container> resource

    # Request Content
    content = {
        'm2m:cnt': {
            'rn': 'container'
        }
    }
)

## Register a second Application Entity : "aeBob"

Here we register a second Application Entity that will represent the second application. It will have the originator *CBob*.

In [None]:
CREATE (                                # CREATE request
    target                  = cseRN,    # Create the new <AE> under the CSEBase
    originator              = 'CBob',   # Request's originator (mandatory)
    requestIdentifier       = '123',    # Request identifier (mandatory)
    releaseVersionIndicator = '3',      # Request's release version indicator (mandatory)
    resourceType            = tyAE,     # The request creates an <AE> resource
    
    # Request Content
    content = {
        'm2m:ae': {
            'rn': 'aeBob',              # The first resource is named 'aeBob'
            'api': 'NnbAcp2',           # An arbitrary App-ID
            'rr': False,                # No need for request reachability
            'srv': [ '3' ]              # Supported release version is 3
        }
    }
)

&nbsp;