--
--  Accesss granted via tags; default is no accesss.
--  Permission must be explicitly granted.
--
--  Access permission is the disjunction of permit tags
--  Tags are split on "AND" to encode conjunction.
--
--  Note that nested routes automatically inherit all tags from the parent.
--
--  Admins always have access to entities within their assigned schools.
--
--  Access Tags:
--    !free           -- free for all
--    !lecturer       -- lecturer    for this course (or for any school, if route is not connected to a course)
--    !corrector      -- corrector   for this sheet  (or the submission, if route is connected to a submission, or the course, if route is not connected to a sheet, or any course, if route is not connected to a course)
--    !course-registered     -- participant for this course (no effect outside of courses)
--    !tutorial-registered   -- participant for this tutorial (no effect outside of courses)
--    !participant    -- connected with a given course (not necessarily registered), i.e. has a submission, is a corrector, etc. (no effect outside of courses)
--
--    !register-group -- user is member in no other tutorial with same register group
--
--    !owner          -- part of the group of owners of this submission
--    !self           -- route refers to the currently logged in user themselves
--    !capacity       -- course this route is associated with has at least one unit of participant capacity
--    !empty          -- course this route is associated with has no participants whatsoever
--
--    !materials      -- only if course allows all materials to be free (no meaning outside of courses)
--    !time           -- access depends on time somehow
--    !read           -- only if it is read-only access (i.e. GET but not POST)
--    !write          -- only if it is write access     (i.e. POST only, included for completeness)
--
--    !no-escalation  --
--    !deprecated     -- like free, but logs and gives a warning; entirely disabled in production
--    !development    -- like free, but only for development builds

/static StaticR EmbeddedStatic appStatic                      !free
/auth   AuthR   Auth   getAuth                                !free

/favicon.ico FaviconR GET                                     !free
/robots.txt RobotsR GET                                       !free

/                             HomeR            GET            !free
/users                        UsersR           GET            -- no tags, i.e. admins only
/users/#CryptoUUIDUser        AdminUserR       GET POST
/users/#CryptoUUIDUser/delete AdminUserDeleteR     POST
/users/#CryptoUUIDUser/hijack AdminHijackUserR     POST       !adminANDno-escalation
/users/#CryptoUUIDUser/notifications UserNotificationR GET POST   !self
/admin                        AdminR           GET
/admin/features               AdminFeaturesR   GET POST
/admin/test                   AdminTestR       GET POST
/admin/errMsg                 AdminErrMsgR     GET POST

/health                       HealthR          GET             !free
/instance                     InstanceR        GET             !free
/info                         InfoR            GET             !free
/info/lecturer                InfoLecturerR    GET             !lecturer
/info/data                    DataProtR        GET             !free
/impressum                    ImpressumR       GET             !free
/version                      VersionR         GET             !free

/help                         HelpR            GET POST        !free

/user                      ProfileR            GET POST        !free
/user/profile              ProfileDataR        GET             !free
/user/authpreds            AuthPredsR          GET POST        !free

/term                      TermShowR           GET             !free
/term/current              TermCurrentR        GET             !free
/term/edit                 TermEditR           GET POST
/term/#TermId/edit         TermEditExistR      GET POST
!/term/#TermId             TermCourseListR     GET             !free
!/term/#TermId/#SchoolId   TermSchoolCourseListR  GET          !free

/school                    SchoolListR         GET             !development
/school/#SchoolId          SchoolShowR         GET             !development


-- For Pattern Synonyms see Foundation
/course/                    CourseListR        GET             !free
!/course/new                CourseNewR         GET POST        !lecturer
/course/#TermId/#SchoolId/#CourseShorthand CourseR             !lecturer:
  /                           CShowR           GET             !free
  /register                   CRegisterR       GET POST        !timeANDcapacity
  /edit                       CEditR           GET POST
  /lecturer-invite            CLecInviteR      GET POST
  /delete                     CDeleteR         GET POST        !lecturerANDempty
  /users                      CUsersR          GET POST
  !/users/new                 CAddUserR        GET POST
  !/users/invite              CInviteR         GET POST
  /users/#CryptoUUIDUser      CUserR           GET POST        !lecturerANDparticipant
  /correctors                 CHiWisR          GET
  /communication              CCommR           GET POST
  /notes                      CNotesR          GET POST        !corrector -- THIS route is used to check for overall course corrector access!
  /subs                       CCorrectionsR    GET POST
  /subs/assigned              CAssignR         GET POST
  /ex                         SheetListR       GET             !course-registered !materials !corrector
  /ex/new                     SheetNewR        GET POST
  /ex/current                 SheetCurrentR    GET             !course-registered !materials !corrector
  /ex/unassigned              SheetOldUnassignedR  GET
  /ex/#SheetName SheetR:
    /show                       SShowR         GET             !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
    /show/download              SArchiveR      GET             !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
    /edit                       SEditR         GET POST
    /delete                     SDelR          GET POST
    /subs                       SSubsR         GET POST        -- for lecturer only
    !/subs/new                  SubmissionNewR GET POST        !timeANDcourse-registeredANDuser-submissions
    !/subs/own                  SubmissionOwnR GET             !free -- just redirect
    !/subs/assign               SAssignR       GET POST        !lecturerANDtime
    /subs/#CryptoFileNameSubmission SubmissionR:
      /                         SubShowR       GET POST        !ownerANDtimeANDuser-submissions !ownerANDread !correctorANDread
      /delete                   SubDelR        GET POST        !ownerANDtimeANDuser-submissions
      /assign                   SubAssignR     GET POST        !lecturerANDtime
      /correction               CorrectionR    GET POST        !corrector !ownerANDreadANDrated
      /invite                   SInviteR       GET POST        !ownerANDtimeANDuser-submissions
      !/#SubmissionFileType     SubArchiveR    GET             !owner !corrector
      !/#SubmissionFileType/*FilePath SubDownloadR  GET        !owner !corrector
    /correctors                 SCorrR         GET POST
    /iscorrector                SIsCorrR       GET             !corrector -- Route is used to check for corrector access to this sheet
    /pseudonym                  SPseudonymR    GET POST        !course-registeredANDcorrector-submissions
    /corrector-invite/          SCorrInviteR   GET POST
    !/#SheetFileType            SZipR          GET             !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
    !/#SheetFileType/*FilePath  SFileR         GET             !timeANDcourse-registered !timeANDmaterials !corrector !timeANDtutor
  /file                          MaterialListR GET             !course-registered !materials !corrector !tutor
  /file/new                      MaterialNewR  GET POST
  /file/#MaterialName MaterialR:
    /edit                       MEditR         GET POST
    /delete                     MDelR          GET POST
    /show                       MShowR         GET             !timeANDcourse-registered !timeANDmaterials !corrector !tutor
    !/download                  MArchiveR      GET             !timeANDcourse-registered !timeANDmaterials !corrector !tutor
    !/download/*FilePath        MFileR         GET             !timeANDcourse-registered !timeANDmaterials !corrector !tutor
  /tuts                         CTutorialListR GET             !tutor -- THIS route is used to check for overall course tutor access!
  /tuts/new                     CTutorialNewR  GET POST
  /tuts/#TutorialName TutorialR:
    /edit                     TEditR           GET POST
    /delete                   TDeleteR         GET POST
    /participants             TUsersR          GET POST        !tutor
    /register                 TRegisterR           POST        !timeANDcapacityANDcourse-registeredANDregister-group !timeANDtutorial-registered
    /communication            TCommR           GET POST        !tutor
    /tutor-invite             TInviteR         GET POST
  /exams                        CExamListR     GET             !free
  /exams/new                    CExamNewR      GET POST
  /exams/#ExamName ExamR:
    /show                       EShowR         GET             !time
    /edit                       EEditR         GET POST
    /corrector-invite           ECInviteR      GET POST
    /users                      EUsersR        GET POST
    /users/new                  EAddUserR      GET POST
    /users/invite               EInviteR       GET POST
    /register                   ERegisterR         POST        !timeANDcourse-registered !timeANDexam-registered

/subs          CorrectionsR          GET POST !corrector !lecturer
/subs/upload   CorrectionsUploadR    GET POST !corrector !lecturer
/subs/create   CorrectionsCreateR    GET POST !corrector !lecturer
/subs/grade    CorrectionsGradeR     GET POST !corrector !lecturer
/subs/download CorrectionsDownloadR  GET      !corrector !lecturer


/msgs                           MessageListR GET POST
/msg/#{CryptoUUIDSystemMessage} MessageR      GET POST        !timeANDreadANDauthentication


!/#UUID CryptoUUIDDispatchR GET                               !free -- just redirect
-- !/*{CI FilePath} CryptoFileNameDispatchR GET                  !free -- Disabled until preliminary check for valid cID exists
