Skip to content

Latest commit

 

History

History
85 lines (58 loc) · 4.61 KB

glossary.rst

File metadata and controls

85 lines (58 loc) · 4.61 KB

Glossary

.. glossary::
    :sorted:

    access token
        A string granted by the authorization server used to identify the issuer of a request.
        The access token has to be sent to the resource server every time that the client wants
        to access protected resources.
        This token is sent in ``Authorization`` HTTP header using a ``Bearer`` scheme on each request like this: ``Authorization: Bearer <token>``


    folder
        A folder is a special :term:`object` used to create tree structures. The concept is similar to folders in computer filesystems. In a :term:`project` you may have multiple folder trees, hence multiple root folders. Each folder, that is not a root folder, has one and only one parent folder. Other object types can instead have more than one parent folder (multifiling).


    json api
    JSON API
        `JSON API <http://jsonapi.org/>`_ is a specification for how a client should request that resources be fetched or modified, and how a server should respond to those requests. JSON API is designed to minimize both the number of requests and the amount of data transmitted between clients and servers. This efficiency is achieved without compromising readability, flexibility, or discoverability [cit. from the specification]


    json schema
    JSON Schema
        `JSON Schema <http://json-schema.org/>`_  is a JSON-based format for describing the structure of JSON data. JSON Schema asserts
        what a JSON document must look like, ways to extract information from it, and how to interact with it, ideal for annotating
        existing JSON APIs that would not otherwise have hypermedia controls or be machine-readable [from the `core spec
        <http://json-schema.org/latest/json-schema-core.html>`_]


    jwt
    JWT
        JSON Web Tokens are an open, industry standard `RFC 7519 <https://tools.ietf.org/html/rfc7519>`_
        method for representing claims securely between two parties.

        A JWT is composed by three parts:

        * an **header** containing informations about the token type and algorithm used. It is Base64URL encoded.
        * a **payload** containing informations in the form of claims (informations we want to transmit).
          It is Base64URL encoded.
        * a **signature** used to verify the authenticity of the JWT using a valid algorithm defined by
          `JSON Web Signature (JWS) <https://tools.ietf.org/html/rfc7515>`_
          specification (for example a shared secret `HMAC <https://tools.ietf.org/html/rfc7515#page-36>`_).

        More info `here <http://jwt.io>`_.


    object
        An object in BEdita is the atomic content of your project's data, it could be a core types like a document, an event, an image,
        a video or it could be a custom type defined specifically in your project. Have a look at :ref:`bedita-objects` for
        a detailed overview.


    project
        A project in BEdita is an independent data set consisting mainly of objects, resources and media files; you may think of a
        database with a set of related resources like media files and configurations; each project will expose its own endpoint to applications


    refresh token
        An opaque token issued by the authorization server. It is useful to renew an expired :term:`access token`
        without send the user credentials again.


    resource
        A resource in BEdita is an entity with a fixed and predefined set of attributes that generally maps a single record on a table;
        resources are used to make BEdita internals work and may not be seen or used by an application. Noteworthy examples of resources are `roles`, `applications` and `streams`.
        Have a look at :ref:`bedita-objects` to better understand the difference between `objects` and `resources`.


    role
        A role in RBAC permission model (https://en.wikipedia.org/wiki/Role-based_access_control)
        is used to assign permissions to perform some operations


    stream
        A stream in BEdita is a :term:`resource` that represents a generic uploaded file;
        it may be a local file, reachable via filesystem, or a remote one with its own URI.


    user
        Project users accessing resources with credentials to login; main attributes are username and password or some external
        auth provider identifiers and other profile data like first name, surname, and other contact information;
        each user has usually at least one role, used to grant access on endpoint operations;
        user authentication is not always mandatory, some endpoints may respond to GET anonymous requests,
        but to perform **write** operations a user has to be identified