# $This file is distributed under the terms of the license in /doc/license.txt$ 

@prefix rdfs: <http://www.w3.org/2000/01/rdf-schema#> .
@prefix auth: <http://vitro.mannlib.cornell.edu/ns/vitro/authorization#> .
@prefix simplePermission: <java:edu.cornell.mannlib.vitro.webapp.auth.permissions.SimplePermission#> .

auth:ADMIN 
    a auth:PermissionSet ;
    rdfs:label "Site Admin" ;
    
    # ADMIN-only permissions
    auth:hasPermission simplePermission:AccessSpecialDataModels ;
    auth:hasPermission simplePermission:ManageMenus ;
    auth:hasPermission simplePermission:ManageProxies ;
    auth:hasPermission simplePermission:ManageSearchIndex ;
    auth:hasPermission simplePermission:ManageUserAccounts ;
    auth:hasPermission simplePermission:RebuildVClassGroupCache ;
    auth:hasPermission simplePermission:RefreshVisualizationCache ;
    auth:hasPermission simplePermission:SeeStartupStatus ;
    auth:hasPermission simplePermission:UseAdvancedDataToolsPages ;
    auth:hasPermission simplePermission:UseMiscellaneousAdminPages ;
    
    # permissions for CURATOR and above.
    auth:hasPermission simplePermission:EditOntology ;
    auth:hasPermission simplePermission:EditSiteInformation ;
    auth:hasPermission simplePermission:ManagePortals ;
    auth:hasPermission simplePermission:ManageTabs ;
    auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
    auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
    
    # permissions for EDITOR and above.
    auth:hasPermission simplePermission:DoBackEndEditing ;
    auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
    auth:hasPermission simplePermission:SeeRevisionInfo ;
    auth:hasPermission simplePermission:SeeSiteAdminPage ;
    auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;

    # permissions for ANY logged-in user.
    auth:hasPermission simplePermission:DoFrontEndEditing ;
    auth:hasPermission simplePermission:EditOwnAccount ;
    auth:hasPermission simplePermission:ManageOwnProxies ;
    auth:hasPermission simplePermission:QueryUserAccountsModel ;
    auth:hasPermission simplePermission:UseBasicAjaxControllers ;
    auth:hasPermission simplePermission:UseMiscellaneousPages ;
    
    # permissions for ANY user, even if they are not logged in.
    auth:hasPermission simplePermission:QueryFullModel ;
    .

auth:CURATOR 
    a auth:PermissionSet ;
    rdfs:label "Curator" ;
    
    # permissions for CURATOR and above.
    auth:hasPermission simplePermission:EditOntology ;
    auth:hasPermission simplePermission:EditSiteInformation ;
    auth:hasPermission simplePermission:ManagePortals ;
    auth:hasPermission simplePermission:ManageTabs ;
    auth:hasPermission simplePermission:SeeVerbosePropertyInformation ;
    auth:hasPermission simplePermission:UseMiscellaneousCuratorPages ;
    
    # permissions for EDITOR and above.
    auth:hasPermission simplePermission:DoBackEndEditing ;
    auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
    auth:hasPermission simplePermission:SeeRevisionInfo ;
    auth:hasPermission simplePermission:SeeSiteAdminPage ;
    auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;

    # permissions for ANY logged-in user.
    auth:hasPermission simplePermission:DoFrontEndEditing ;
    auth:hasPermission simplePermission:EditOwnAccount ;
    auth:hasPermission simplePermission:ManageOwnProxies ;
    auth:hasPermission simplePermission:QueryUserAccountsModel ;
    auth:hasPermission simplePermission:UseBasicAjaxControllers ;
    auth:hasPermission simplePermission:UseMiscellaneousPages ;
    
    # permissions for ANY user, even if they are not logged in.
    auth:hasPermission simplePermission:QueryFullModel ;
    .

auth:EDITOR 
    a auth:PermissionSet ;
    rdfs:label "Editor" ;
    
    # permissions for EDITOR and above.
    auth:hasPermission simplePermission:DoBackEndEditing ;
    auth:hasPermission simplePermission:SeeIndividualEditingPanel ;
    auth:hasPermission simplePermission:SeeRevisionInfo ;
    auth:hasPermission simplePermission:SeeSiteAdminPage ;
    auth:hasPermission simplePermission:UseMiscellaneousEditorPages ;

    # permissions for ANY logged-in user.
    auth:hasPermission simplePermission:DoFrontEndEditing ;
    auth:hasPermission simplePermission:EditOwnAccount ;
    auth:hasPermission simplePermission:ManageOwnProxies ;
    auth:hasPermission simplePermission:QueryUserAccountsModel ;
    auth:hasPermission simplePermission:UseBasicAjaxControllers ;
    auth:hasPermission simplePermission:UseMiscellaneousPages ;
    
    # permissions for ANY user, even if they are not logged in.
    auth:hasPermission simplePermission:QueryFullModel ;
    .

auth:SELF_EDITOR
    a auth:PermissionSet ;
    a auth:PermissionSetForNewUsers ;
    rdfs:label "Self Editor" ;

    # permissions for ANY logged-in user.
    auth:hasPermission simplePermission:DoFrontEndEditing ;
    auth:hasPermission simplePermission:EditOwnAccount ;
    auth:hasPermission simplePermission:ManageOwnProxies ;
    auth:hasPermission simplePermission:QueryUserAccountsModel ;
    auth:hasPermission simplePermission:UseBasicAjaxControllers ;
    auth:hasPermission simplePermission:UseMiscellaneousPages ;
    
    # permissions for ANY user, even if they are not logged in.
    auth:hasPermission simplePermission:QueryFullModel ;
    .

auth:PUBLIC
    a auth:PermissionSet ;
    a auth:PermissionSetForPublic ;
    rdfs:label "Public" ;
    
    # permissions for ANY user, even if they are not logged in.
    auth:hasPermission simplePermission:QueryFullModel ;
    .