# OpenSSO Authorization
# set ":server: " to disable A&A
:authorization:
  :server: AA
  :free_request: #request-method not controlled by A&A
    - "HEAD"
    - "DELETE"
    - "PUT"
  :authenticate_request: #only for authenticated user
    - ""
  :authorize_request:  #only for authenticated and authorizeduser
    - "GET"
    - "POST"
# Exceptions:
  :free_uris: #request-method for uri not controlled by A&A
    ? - :GET
    : - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/algorithm/
      - "http://SERVERNAMENGINX_PORT/model"
      - "http://SERVERNAMENGINX_PORT/dataset"
      - "http://SERVERNAMENGINX_PORT/validation"
      - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/validation\/resources/
      - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/validation\/[a-z,A-Z,\/,_\-]*$/
    ? - :GET
      - :POST
    : - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/toxcreate\/[a-z,A-Z,\/,_\-]*$/
      - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/task/
      - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/compound/
      - !ruby/regexp /sign_(in|out)$/
    ? - :PUT
    : - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/task/
    ? - :DELETE
    : - "http://SERVERNAMENGINX_PORT/task/cleanup"

  :authorize_exceptions: #request-method for uri only authenticated, no authorization
    ? - :POST
    : - !ruby/regexp /http:\/\/ESCAPEDSERVERNGINX_PORT\/algorithm/
      - "http://SERVERNAMENGINX_PORT/dataset"
      - "http://SERVERNAMENGINX_PORT/model"
      - "http://SERVERNAMENGINX_PORT/validation"
      - !ruby/regexp /http\:\/\/ESCAPEDSERVERNGINX_PORT\/validation\/[a-z,A-Z,\/,_\-]*$/