Skip to content

Commit 1fc2b83

Browse files
tw4ltw4l
committed
Add docs for newer and older in ACL rules
1 parent ebd63cd commit 1fc2b83

File tree

1 file changed

+22
-4
lines changed

1 file changed

+22
-4
lines changed

docs/manual/access-control.rst

Lines changed: 22 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ An .aclj file may look as follows::
9595

9696
Each JSON entry contains an ``access`` field and the original ``url`` field that was used to convert to the SURT (if any).
9797

98-
The JSON entry may also contain ``user``, ``before``, and ``after`` fields, as explained below.
98+
The JSON entry may also contain ``user``, ``before``, ``after``, ``newer``, and ``older`` fields, as explained in the sections below.
9999

100100
The prefix consists of a SURT key and a ``-`` (currently reserved for a timestamp/date range field to be added later).
101101

@@ -166,10 +166,10 @@ Further examples of how to set this header will be provided in the deployments s
166166
See the :ref:`config-acl-header` section in Usage for examples on how to configure this header.
167167

168168

169-
Date-Based Access Controls
170-
^^^^^^^^^^^^^^^^^^^^^^^^^^
169+
Date-Based Access Controls: Before/After Exact Date
170+
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
171171

172-
The access control rules can further be customized be specifying different permissions based on capture timestamp, using ``before`` and ``after`` fields that operate in the same manner as their embargo counterparts for a specific URL or domain.
172+
It is also possible to control access based on capture timestamp, using ``before`` and ``after`` fields to specify an exact timestamp.
173173

174174
For example, the following access control settings restrict access to ``https://example.com/restricted/`` by default, but allow access for captures prior to December 1, 2010::
175175

@@ -183,6 +183,24 @@ Combined with the embargo settings, this can also be used to override the embarg
183183
com,example)/restricted - {"access": "allow"}
184184

185185

186+
Date-Based Access Controls: Time Interval
187+
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
188+
189+
Access can also be controlled by specifying a relative time interval, similar to embargos.
190+
191+
For example, the following access control settings restrict access to ``https://example.com/restricted/`` by default, but allow access to all captures newer than 1 year::
192+
193+
com,example)/restricted - {"access": "allow", "older": {"years": 1}}
194+
com,example)/restricted - {"access": "block"}
195+
196+
The following access control settings restrict access to ``https://example.com/restricted/`` by default, but allow access to all captures older than 1 year, 2 months, 3 weeks, and 4 days::
197+
198+
com,example)/restricted - {"access": "allow", "older": {"years": 1}, "months": 2, "weeks": 3, "days": 4}
199+
com,example)/restricted - {"access": "block"}
200+
201+
Any combination of years, months, weeks and days can be used (as long as at least one is provided) for the ``newer`` or ``older`` access control settings.
202+
203+
186204
Access Error Messages
187205
^^^^^^^^^^^^^^^^^^^^^
188206

0 commit comments

Comments
 (0)