diff --git a/docs/images/deposit-authentication-basic.uml b/docs/images/deposit-authentication-basic.uml --- a/docs/images/deposit-authentication-basic.uml +++ b/docs/images/deposit-authentication-basic.uml @@ -1,7 +1,7 @@ @startuml participant CLIENT as "SWORD client\n(eg. HAL)" participant DEPOSIT as "swh-deposit" -participant AUTH_BACKEND as "deposit storage" +participant AUTH_BACKEND as "deposit database" activate CLIENT activate DEPOSIT diff --git a/docs/images/deposit-create-chart.uml b/docs/images/deposit-create-chart.uml --- a/docs/images/deposit-create-chart.uml +++ b/docs/images/deposit-create-chart.uml @@ -1,26 +1,26 @@ @startuml participant CLIENT as "SWORD client\n(eg. HAL)" participant DEPOSIT as "swh-deposit" - participant DEPOSIT_STORAGE as "deposit storage" + participant DEPOSIT_DATABASE as "deposit database" activate CLIENT activate DEPOSIT - activate DEPOSIT_STORAGE + activate DEPOSIT_DATABASE CLIENT ->> DEPOSIT: GET /1// - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok (if client exists and credentials ok) + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok (if client exists and credentials ok) DEPOSIT -->> CLIENT: return 200, CLIENT ->> DEPOSIT: POST /1// - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok (if client exists and credentials ok) + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok (if client exists and credentials ok) - DEPOSIT ->> DEPOSIT_STORAGE: create new deposit - DEPOSIT_STORAGE -->> DEPOSIT: return deposit_id + DEPOSIT ->> DEPOSIT_DATABASE: create new deposit + DEPOSIT_DATABASE -->> DEPOSIT: return deposit_id DEPOSIT -->> CLIENT: return 201, @enduml diff --git a/docs/images/deposit-delete-chart.uml b/docs/images/deposit-delete-chart.uml --- a/docs/images/deposit-delete-chart.uml +++ b/docs/images/deposit-delete-chart.uml @@ -1,33 +1,33 @@ @startuml participant CLIENT as "SWORD client\n(eg. HAL)" participant DEPOSIT as "swh-deposit" - participant DEPOSIT_STORAGE as "deposit storage" + participant DEPOSIT_DATABASE as "deposit database" activate CLIENT activate DEPOSIT - activate DEPOSIT_STORAGE + activate DEPOSIT_DATABASE CLIENT ->> DEPOSIT: POST /1//\nHEADER In-Progress: true - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok (if client exists and credentials ok) + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok (if client exists and credentials ok) DEPOSIT -->> CLIENT: return 201, CLIENT -> DEPOSIT: DELETE /1///media/\nDELETE /1///metadata/ - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok - DEPOSIT ->> DEPOSIT_STORAGE: check inputs() + DEPOSIT ->> DEPOSIT_DATABASE: check inputs() alt status is 'partial' - DEPOSIT_STORAGE -->> DEPOSIT: return ok - DEPOSIT ->> DEPOSIT_STORAGE: delete-deposit-or-deposit-archives() - DEPOSIT_STORAGE -->> DEPOSIT: return ok + DEPOSIT_DATABASE -->> DEPOSIT: return ok + DEPOSIT ->> DEPOSIT_DATABASE: delete-deposit-or-deposit-archives() + DEPOSIT_DATABASE -->> DEPOSIT: return ok DEPOSIT -->> CLIENT: return 204 else status is not 'partial' - DEPOSIT_STORAGE -->> DEPOSIT: return ko + DEPOSIT_DATABASE -->> DEPOSIT: return ko DEPOSIT -->> CLIENT: return 400, "You can only act on deposit with status partial" end @enduml diff --git a/docs/images/deposit-update-chart.uml b/docs/images/deposit-update-chart.uml --- a/docs/images/deposit-update-chart.uml +++ b/docs/images/deposit-update-chart.uml @@ -1,38 +1,38 @@ @startuml participant CLIENT as "SWORD client\n(eg. HAL)" participant DEPOSIT as "swh-deposit" - participant DEPOSIT_STORAGE as "deposit storage" + participant DEPOSIT_DATABASE as "deposit database" activate CLIENT activate DEPOSIT - activate DEPOSIT_STORAGE + activate DEPOSIT_DATABASE CLIENT ->> DEPOSIT: POST /1//\nHEADER In-Progress: true - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok (if client exists and credentials ok) + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok (if client exists and credentials ok) DEPOSIT -->> CLIENT: return 201, CLIENT -> DEPOSIT: POST/PUT /1///media/\nPOST/PUT /1///metadata/ - DEPOSIT ->> DEPOSIT_STORAGE: check authentication - DEPOSIT_STORAGE -->> DEPOSIT: return ok + DEPOSIT ->> DEPOSIT_DATABASE: check authentication + DEPOSIT_DATABASE -->> DEPOSIT: return ok - DEPOSIT ->> DEPOSIT_STORAGE: check inputs() + DEPOSIT ->> DEPOSIT_DATABASE: check inputs() alt status is 'partial' - DEPOSIT_STORAGE -->> DEPOSIT: return ok + DEPOSIT_DATABASE -->> DEPOSIT: return ok alt HEADER: In-Progress = true - DEPOSIT ->> DEPOSIT_STORAGE: add-or-replace-data-and-update-status('partial') + DEPOSIT ->> DEPOSIT_DATABASE: add-or-replace-data-and-update-status('partial') else HEADER: In-Progress = false - DEPOSIT ->> DEPOSIT_STORAGE: add-or-replace-data-and-update-status('deposited') + DEPOSIT ->> DEPOSIT_DATABASE: add-or-replace-data-and-update-status('deposited') end - DEPOSIT_STORAGE -->> DEPOSIT: return ok + DEPOSIT_DATABASE -->> DEPOSIT: return ok DEPOSIT -->> CLIENT: return 204 else status is not partial - DEPOSIT_STORAGE -->> DEPOSIT: return ko + DEPOSIT_DATABASE -->> DEPOSIT: return ko DEPOSIT -->> CLIENT: return 400, "You can only act on deposit with status partial" end diff --git a/docs/internals/authentication.rst b/docs/internals/authentication.rst --- a/docs/internals/authentication.rst +++ b/docs/internals/authentication.rst @@ -11,8 +11,8 @@ ----- The first implementation uses `basic authentication -`_. The deposit storage backend has the -responsibility to check the authentication credentials sent by the deposit client. If +`_. The deposit server checks +the authentication credentials sent by the deposit client using its own database. If authorized, the deposit client is allowed to continue its deposit. Otherwise, a 401 response is returned to the client.