@inrupt/solid-client / acp/rule

Module: acp/rule

Type aliases

ResourceRule

Ƭ ResourceRule: ThingPersisted

A ResourceRule is like a Rule, but applied to a ResourcePolicy and therefore not re-used across different Resources, but only used for a single Resource and stored in that Resource’s Access Control Resource.

since 1.6.0


Rule

Ƭ Rule: ThingPersisted

A Rule can be applied to a Policy to determine under what circumstances that Policy is applied to a Resource.

since 1.6.0

Functions

addAgent

addAgent(rule, agent): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Apply the Rule to an additional agent.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule to be applied to an additional agent.

agent

WebId

The agent the Rule should apply to.

Returns

Rule

A copy of the Rule, applying to an additional agent.


addAllOfRuleUrl

addAllOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Add a rule that refines the scope of a given the Policy. If an agent requesting access to a resource is not present in any of the “All Of” rules, they will not be granted access.

Also see addAnyOfRuleUrl and addNoneOfRuleUrl.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

The rule to add to the policy.

Returns

P

A new Policy clone of the original one, with the new rule added.


addAnyOfRuleUrl

addAnyOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Add a rule that extends the scope of a given the Policy. If an agent requesting access to a resource is present in any of the “Any Of” rules, they will be granted access.

Also see addAllOfRuleUrl and addNoneOfRuleUrl.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

The rule to add to the policy.

Returns

P

A new Policy clone of the original one, with the new rule added.


addClient

addClient(rule, client): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Apply the Rule to an additional Client.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule to be applied to an additional Client.

client

WebId

The Client the Rule should apply to.

Returns

Rule

A copy of the Rule, applying to an additional Client.


addGroup

addGroup(rule, group): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Apply the Rule to an additional group.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule to be applied to an additional group.

group

UrlString

-

Returns

Rule

A copy of the Rule, applying to an additional group.


addNoneOfRuleUrl

addNoneOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Add a rule that restricts the scope of a given the Policy. If an agent requesting access to a resource is present in any of the forbidden rules, they will not be granted access.

Also see addAllOfRuleUrl and addAnyOfRuleUrl.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

The rule to add to the policy.

Returns

P

A new Policy clone of the original one, with the new rule added.


createResourceRuleFor

createResourceRuleFor(resourceWithAcr, name): ResourceRule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Initialise a new, empty ResourceRule for the given Resource.

since 1.6.0

Parameters

Name

Type

Description

resourceWithAcr

WithAccessibleAcr

The Resource to which the new Rule is to apply.

name

string

Name that identifies this Rule.

Returns

ResourceRule


createRule

createRule(url): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Initialise a new, empty Rule.

since 1.6.0

Parameters

Name

Type

Description

url

Url | UrlString

URL that identifies this Rule.

Returns

Rule


getAgentAll

getAgentAll(rule): WebId[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

List all the agents a Rule applies directly to. This will not include agents that are part of a group the Rule applies to, nor will it include specific agent classes, such as authenticated or public agents.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule from which agents are read.

Returns

WebId[]

A list of the WebIDs of agents included in the rule.


getAllOfRuleUrlAll

getAllOfRuleUrlAll<P>(policy): UrlString[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Get the “All Of” Rules for the given Policy

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The [[policy]] from which the rules should be read.

Returns

UrlString[]

A list of the “All Of” Rules


getAnyOfRuleUrlAll

getAnyOfRuleUrlAll<P>(policy): UrlString[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Get the “Any Of” Rules for the given Policy

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The [[policy]] from which the rules should be read.

Returns

UrlString[]

A list of the “Any Of” Rules


getClientAll

getClientAll(rule): WebId[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

List all the clients a Rule applies directly to. This will not include specific client classes, such as public clients.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule from which clients are read.

Returns

WebId[]

A list of the WebIDs of clients included in the rule.


getGroupAll

getGroupAll(rule): UrlString[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Lists all the groups a Rule applies to.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule from which groups are read.

Returns

UrlString[]

A list of the [[URL]]’s of groups included in the rule.


getNoneOfRuleUrlAll

getNoneOfRuleUrlAll<P>(policy): UrlString[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Get the “None Of” Rules for the given Policy

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The [[policy]] from which the rules should be read.

Returns

UrlString[]

A list of the forbidden Rules


getResourceRule

getResourceRule(resourceWithAcr, name): ResourceRule | null

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Get the ResourceRule with the given name from an Resource’s Access Control Resource.

since 1.6.0

Parameters

Name

Type

Description

resourceWithAcr

WithAccessibleAcr

The Resource whose Access Control Resource contains the given ResourceRule.

name

string

Name that identifies this ResourceRule.

Returns

ResourceRule | null

The requested ResourceRule, if it exists, or null if it does not.


getResourceRuleAll

getResourceRuleAll(resourceWithAcr): ResourceRule[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Gets the ResourceRules from a Resource’s Access Control Resource.

since 1.6.0

Parameters

Name

Type

Description

resourceWithAcr

WithAccessibleAcr

The Resource whose Access Control Resource contains (zero or more) ResourceRules.

Returns

ResourceRule[]

The ResourceRules contained in this Resource’s Access Control Resource.


getRule

getRule(ruleResource, url): Rule | null

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Get the Rule with the given URL from an SolidDataset.

since 1.6.0

Parameters

Name

Type

Description

ruleResource

SolidDataset

The Resource that contains the given Rule.

url

Url | UrlString

URL that identifies this Rule.

Returns

Rule | null

The requested Rule, if it exists, or null if it does not.


getRuleAll

getRuleAll(ruleResource): Rule[]

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Gets the Rules from a SolidDataset.

since 1.6.0

Parameters

Name

Type

Description

ruleResource

SolidDataset

The Resource that contains (zero or more) Rules.

Returns

Rule[]

The Rules contained in this resource.


hasAnyClient

hasAnyClient(rule): boolean

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Check if the rule applies to any client, i.e. all the applications regardless of their identifier.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule checked for authenticated access.

Returns

boolean

Whether the rule applies to public clients.


hasAuthenticated

hasAuthenticated(rule): boolean

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Check if the rule applies to any authenticated agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule checked for authenticated access.

Returns

boolean

Whether the rule applies to any authenticated agent or not.


hasCreator

hasCreator(rule): boolean

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Check if the rule applies to the creator of the Resource.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule checked for authenticated access.

Returns

boolean

Whether the rule applies to the creator of the Resource or not.


hasPublic

hasPublic(rule): boolean

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Check if the rule applies to any agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule checked for public access.

Returns

boolean

Whether the rule applies to any agent or not.


removeAgent

removeAgent(rule, agent): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Prevent the Rule from applying to a given agent directly. This will not remove the agent from any groups the rule applies to.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule that should no longer apply to a given agent.

agent

WebId

The agent the rule should no longer apply to.

Returns

Rule

A copy of the rule, not applying to the given agent.


removeAllOfRuleUrl

removeAllOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Removes a rule that refines the scope of a given the Policy. If an agent requesting access to a resource is not present in any of the “All Of” rules, they will not be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy from which the rule should be removed.

rule

Rule | Url | UrlString

The rule to remove from the policy.

Returns

P

A new Policy clone of the original one, with the rule removed.


removeAnyClient

removeAnyClient(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Make the Rule no longer apply to any client application.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule for which clients are set.

Returns

Rule

A copy of the rule, updated to no longer apply to any client


removeAnyOfRuleUrl

removeAnyOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Removes a rule that extends the scope of a given the Policy. If an agent requesting access to a resource is present in any of the “Any Of” rules, they will be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy from which the rule should be removed.

rule

Rule | Url | UrlString

The rule to remove from the policy.

Returns

P

A new Policy clone of the original one, with the rule removed.


removeAuthenticated

removeAuthenticated(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to no longer apply to any authenticated Agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to apply/not apply to any authenticated agent.


removeClient

removeClient(rule, client): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Prevent the Rule from applying to a given Client directly.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule that should no longer apply to a given Client.

client

WebId

The Client the rule should no longer apply to.

Returns

Rule

A copy of the rule, not applying to the given Client.


removeCreator

removeCreator(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to no longer apply to the creator of a Resource.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to apply/not apply to the creator of a Resource.


removeGroup

removeGroup(rule, group): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Prevent the Rule from applying to a given group.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule that should no longer apply to a given group.

group

UrlString

-

Returns

Rule

A copy of the rule, not applying to the given group.


removeNoneOfRuleUrl

removeNoneOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Removes a rule that restricts the scope of a given the Policy. If an agent requesting access to a resource is present in any of the forbidden rules, they will not be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy from which the rule should be removed.

rule

Rule | Url | UrlString

The rule to remove from the policy.

Returns

P

A new Policy clone of the original one, with the rule removed.


removePublic

removePublic(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to no longer apply to any Agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to no longer apply to any agent.


removeResourceRule

removeResourceRule<ResourceExt>(resourceWithAcr, rule): ResourceExt

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Removes the given ResourceRule from the given Resource’s Access Control Resource.

since 1.6.0

Type parameters

Name

Type

ResourceExt

ResourceExt: WithAccessibleAcr

Parameters

Name

Type

Description

resourceWithAcr

ResourceExt

The Resource whose Access Control Resource contains (zero or more) ResourceRules.

rule

string | Url | UrlString | ResourceRule

-

Returns

ResourceExt

A new Resource equal to the given Resource, but without the given Rule in its ACR.


removeRule

removeRule<Dataset>(ruleResource, rule): Dataset

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Removes the given Rule from the given SolidDataset.

since 1.6.0

Type parameters

Name

Type

Dataset

Dataset: Readonly<Object>

Parameters

Name

Type

Description

ruleResource

Dataset

The Resource that contains (zero or more) Rules.

rule

Url | UrlString | Rule

-

Returns

Dataset

A new SolidDataset equal to the given Rule Resource, but without the given Rule.


ruleAsMarkdown

ruleAsMarkdown(rule): string

Gets a human-readable representation of the given Rule to aid debugging.

Note that changes to the exact format of the return value are not considered a breaking change; it is intended to aid in debugging, not as a serialisation method that can be reliably parsed.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The Rule to get a human-readable representation of.

Returns

string


setAgent

setAgent(rule, agent): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Overwrite the agents the Rule applies to with the provided agents.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule for which agents are set.

agent

WebId

The agent the rule should apply to.

Returns

Rule

A copy of the input rule, applying to a different set of agents.


setAllOfRuleUrl

setAllOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Overwrites the rule refining the scope of a given the Policy. If an agent requesting access to a resource is not present in any of the “All Of” rules, they will not be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

-

Returns

P

A new Policy clone of the original one, with the “All Of” rules replaced.


setAnyClient

setAnyClient(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Make the Rule apply to any client application.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule for which clients are set.

Returns

Rule

A copy of the rule, updated to apply to any client


setAnyOfRuleUrl

setAnyOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Overwrite the rule extending the scope of a given the Policy. If an agent requesting access to a resource is present in any of the “Any Of” rules, they will be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

-

Returns

P

A new Policy clone of the original one, with the “Any Of” rules replaced.


setAuthenticated

setAuthenticated(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to apply to any authenticated Agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to apply to any authenticated Agent.


setClient

setClient(rule, client): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Overwrite the clients the Rule applies to with the provided Client.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule for which clients are set.

client

WebId

The Client the rule should apply to.

Returns

Rule

A copy of the input rule, applying to a different set of Clients.


setCreator

setCreator(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to apply to the creator of a Resource.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to apply to the creator of a Resource.


setGroup

setGroup(rule, group): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Overwrite the groups the Rule applies to with the provided groups.

since 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule for which groups are set.

group

UrlString

The group the rule should apply to.

Returns

Rule

A copy of the input rule, applying to a different set of groups.


setNoneOfRuleUrl

setNoneOfRuleUrl<P>(policy, rule): P

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set the rules restrincting the scope of a given the Policy. If an agent requesting access to a resource is present in any of the “None Of” rules, they will not be granted access.

since 1.6.0

Type parameters

Name

Type

P

P: ThingPersisted

Parameters

Name

Type

Description

policy

P

The Policy to which the rule should be added.

rule

Rule | Url | UrlString

-

Returns

P

A new Policy clone of the original one, with the “Any Of” rules replaced.


setPublic

setPublic(rule): Rule

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Set a Rule to apply to any Agent.

status 1.6.0

Parameters

Name

Type

Description

rule

Rule

The rule being modified.

Returns

Rule

A copy of the rule, updated to apply to any agent.


setResourceRule

setResourceRule<ResourceExt>(resourceWithAcr, rule): ResourceExt

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Insert the given ResourceRule into the given Resource’s Access Control Resource, replacing previous instances of that Rule.

since 1.6.0

Type parameters

Name

Type

ResourceExt

ResourceExt: WithAccessibleAcr

Parameters

Name

Type

Description

resourceWithAcr

ResourceExt

The Resource whose Access Control Resource contains (zero or more) ResourceRules.

rule

ResourceRule

-

Returns

ResourceExt

A new Resource equal to the given Resource, but with the given Rule in its ACR.


setRule

setRule<Dataset>(ruleResource, rule): Dataset

Note

There is no Access Control Policies specification yet. As such, this function is still experimental and subject to change, even in a non-major release.

Insert the given Rule into the given SolidDataset, replacing previous instances of that Rule.

since 1.6.0

Type parameters

Name

Type

Dataset

Dataset: Readonly<Object>

Parameters

Name

Type

Description

ruleResource

Dataset

The Resource that contains (zero or more) Rules.

rule

Rule

-

Returns

Dataset

A new SolidDataset equal to the given Rule Resource, but with the given Rule.