(((meta (@ (content . "API: Encoding of Zettel Access Rights") (name . "title"))) (meta (@ (content . "manual") (name . "role"))) (meta (@ (content . "#api #manual #reference #zettelstore") (name . "tags"))) (meta (@ (content . "zmk") (name . "syntax"))) (meta (@ (content . "00001012051200 00001012051400 00001012053200 00001012053300 00001012053400 00001012054200") (name . "back"))) (meta (@ (content . "00001012051200 00001012051400 00001012053200 00001012053300 00001012053400 00001012054200") (name . "backward"))) (meta (@ (content . "1") (name . "box-number"))) (meta (@ (content . "(c) 2020-present by Detlef Stern ") (name . "copyright"))) (meta (@ (content . "20220201173115") (name . "created"))) (meta (@ (content . "00001003000000 00001006020400 00001010000000 00001010040100 00001010040200 00001010070200 00001010070300") (name . "forward"))) (meta (@ (content . "en") (name . "lang"))) (meta (@ (content . "EUPL-1.2-or-later") (name . "license"))) (meta (@ (content . "20240711183931") (name . "modified"))) (meta (@ (content . "20240711183931") (name . "published"))) (meta (@ (content . "public") (name . "visibility")))) (p "Various API calls return a symbolic expression list " (kbd "(rights N)") ", with " (kbd "N") " as a number, that encodes the access rights the user currently has." " " (kbd "N") " is an integer number between 0 and 62." (sup (@ (id . "fnref:1")) (a (@ (class . "zs-noteref") (href . "#fn:1") (role . "doc-noteref")) "1"))) (p "The value " (@L (@H "“") "0" (@H "”")) " signals that something went wrong internally while determining the access rights.") (p "A value of " (@L (@H "“") "1" (@H "”")) " says, that the current user has no access right for the given zettel." " " "In most cases, this value will not occur, because only zettel are presented, which are at least readable by the current user.") (p "Values " (@L (@H "“") "2" (@H "”")) " to " (@L (@H "“") "62" (@H "”")) " are binary encoded values, where each bit signals a special right.") (table (thead (tr (th (@ (class . "center")) "Bit number") (th (@ (class . "center")) "Bit value") (th "Meaning"))) (tbody (tr (td (@ (class . "center")) "1") (td (@ (class . "center")) "2") (td "User is allowed to create a new zettel")) (tr (td (@ (class . "center")) "2") (td (@ (class . "center")) "4") (td "User is allowed to read the zettel")) (tr (td (@ (class . "center")) "3") (td (@ (class . "center")) "8") (td "User is allowed to update the zettel")) (tr (td (@ (class . "center")) "4") (td (@ (class . "center")) "16") (td "(not in use; was assigned to an operation)")) (tr (td (@ (class . "center")) "5") (td (@ (class . "center")) "32") (td "User is allowed to delete the zettel")))) (p "The algorithm to calculate the actual access rights from the value is relatively simple:") (ol (li "Search for the biggest bit value that is less than the rights value." " " "This is an access right for the current user.") (li "Subtract the bit value from the rights value." " " "Remember the difference as the new rights value.") (li "If it is greater than zero, move to step 1.")) (p "As an example, let's assume a rights value of 42:") (ol (li "The first right is the right to delete a zettel." " " "The new value of the rights value is now 10 (42-32).") (li "The next right is the right to update a zettel (16 > 10, but 8 < 10)." " " "The new value of the rights value is now 2 (10-8).") (li "The last right is the right to create a new zettel." " " "The rights value is now zero, the algorithm ends.")) (p "In practice, not every rights value will occur." " " "A Zettelstore in " (a (@ (href . "00001010000000#read-only")) "read-only mode") " will always return the value 4." " " "Similar, a Zettelstore that you started with a " (a (@ (href . "00001003000000")) "double-click") " will return either the value " (@L (@H "“") "6" (@H "”")) " (reading and updating) or the value " (@L (@H "“") "62" (@H "”")) " (all operations are allowed).") (p "If you have added an additional " (a (@ (href . "00001010040200")) "user") " to your Zettelstore, this might change." " " "The access rights are calculated depending on " (a (@ (href . "00001010040100")) "enabled authentication") ", on the " (a (@ (href . "00001010070300")) "user role") " of the current user, on " (a (@ (href . "00001010070200")) "visibility rules") " for a given zettel and on the " (a (@ (href . "00001006020400")) "read-only status") " for the zettel."))