Merge pull request #31 from admin-shell-io/IDTA-01004-3-0-1_working

Bugfix 3.0.1

Author: juileetikekar

README.md

@@ -28,12 +28,19 @@ The following release contains the latest version of the AAS schemas
  (see also the [releases](https://github.com/admin-shell-io/aas-specs-security/releases) 
 section of this repository):
 
-* [3.0.0](https://github.com/admin-shell-io/aas-specs-security/releases/tag/v3.0.0)
-is the latest release for the `V3.0.0` version of the AAS Security, 
+* [3.0.1](https://github.com/admin-shell-io/aas-specs-security/releases/tag/v3.0.1)
+is the latest bugfix release for the `V3.0.1` version of the AAS Security, 
 containing the normative sources for the published document
- "Specification of the Asset Administration Shell: Part 4 - **Version 3.0.0**". 
+ "Specification of the Asset Administration Shell: Part 4 - **Version 3.0.1**". 
 *Use this release if you want to work with the latest specified AAS version.*
 
+Previous releases:
+
+* [3.0.0](https://github.com/admin-shell-io/aas-specs-security/releases/tag/v3.0.0)
+is the first release for the `V3.0` version of the AAS Security, 
+containing the normative sources for the published document
+ "Specification of the Asset Administration Shell: Part 4 - Version 3.0.0". 
+
 ## Contributing
 
 Feature requests, reports about inconsistencies, mistakes *etc.* are highly

documentation/IDTA-01004/antora.yml

@@ -1,6 +1,6 @@
 name: IDTA-01004
 title: 'Part 4: Security'
-version: 'v3.0'
+version: 'v3.0.1'
 start_page: ROOT:index.adoc
 nav:
   - modules/ROOT/nav.adoc

documentation/IDTA-01004/modules/ROOT/pages/access-rule-model.adoc

@@ -223,13 +223,10 @@ The list element is written with [] to express, that $match shall check if a cer
 
 References are used in ReferenceAttributes, IdentifiableObjects, ReferableObjects, FragmentObjects and DescriptorObjects for the corresponding ReferenceLiterals, IdentifiableLiterals, ReferableLiterals, FragmentLiterals and DescriptorLiterals.
 
-Such references use the link:https://industrialdigitaltwin.io/aas-specifications/IDTA-01001/v3.1/mappings/mappings.html#reference-serialization[Part 1 Mapping in Section "Text Serialization of Values of Type Reference"] for specific instances of elements, e.g. an AAS, a Submodel, a ConceptDescription or a specific SubmodelElement.
+====
+Note: V3.1 will include a more detailed grammar for defining <ReferenceAttribute>, <IdentifiableObject>, <ReferableObject>, <FragmentObject> and <DescriptorObject>.
+====
 
-Access Rules may also be defined for all Identifiables of the Keytypes AssetAdministrationShell, Submodel or ConceptDescription.
-In this case an IdentifiableLiteral uses the format "(AssetAdministrationShell)\*", "(Submodel)*" and "(ConceptDescription)*".
-
-Access Rules extend the Keytypes of Part 1 by "(aasDesc)" for AAS Descriptors and "(smdesc)" for submodel descriptors.
-To define all descriptors "(aasDesc)\*" or "(smdesc)*" may be used in DescriptorLiterals accordingly.
 
 [[json-serialization]]
 == JSON Serialization of Access Rule Model

documentation/IDTA-01004/modules/ROOT/pages/annex/text-access-rule-examples.adoc

@@ -61,6 +61,7 @@ include::partial$examples/bpn.bnf[]
 include::partial$examples/allow-read-all-users-of-company-for-submodel.bnf[]
 ----
 
+[[allow-read-submodels-id-pattern]]
 == Allow READ to all Submodels with ID pattern for all authenticated users of a company for submodels with Nameplate and TechnicalData from 9:00-17:00
 
 [source,bnf,linenums]

documentation/IDTA-01004/modules/ROOT/pages/changelog.adoc

@@ -8,6 +8,24 @@ SPDX-License-Identifier: CC-BY-4.0
 
 ////
 
+[[change-notes]]
 = Change Notes
 
-This is the first Release.
+== Changes w.r.t. V3.0.1 vs. V3.0
+
+Bugfixes:
+
+* changed: Removed incorrect but required whitespaces from grammar and examples [#477 of API](https://github.com/admin-shell-io/aas-specs-api/issues/477)
+* changed: fixed idShortPath definition in the BNF Grammar for the Query Language [#34](https://github.com/admin-shell-io/aas-specs-security/issues/34)
+* changed:  xref:access-rule-model.adoc#text-serialization-of-values-of-type-reference[text serialization of Reference]  does not follow text serialization of Part 1 of References, the updated grammar will be added in the V3.1 [#33](https://github.com/admin-shell-io/aas-specs-security/issues/33)
+
+
+Minor Changes:
+
+* changed: correct xref:annex/text-access-rule-examples.adoc#allow-read-submodels-id-pattern[example] in Annex
+* removed: remove <FieldIdentifierString> in grammar and use <FieldIdentifier> directly
+
+
+== Changes V3.0
+
+This is the first release

documentation/IDTA-01004/modules/ROOT/pages/index.adoc

@@ -18,31 +18,37 @@ This specification is part of the https://industrialdigitaltwin.org/en/content-h
 
 == Version
 
-This is version 3.0 of the specification IDTA-01004.
+This is version 3.0.1 of the specification IDTA-01004.
+
+Previous version: 3.0.
 
 [#metamodel-versions]
 == Metamodel Versions
 
-This document (version 3.0) uses the following parts of the “Specification of the Asset Administration Shell” series:
+This document uses the following parts and versions of the “Specification of the Asset Administration Shell” series:
 
 * IDTA-01001 Part 1: Metamodel in version 3.1 xref:bibliography.adoc#bib1[[1\]]
 * IDTA-01002 Part 2: Application Programming Interfaces in version 3.1 xref:bibliography.adoc#bib2[[2\]]
 * IDTA-01003-a Part 3a: Data Specification – IEC 61360 in version 3.1 xref:bibliography.adoc#bib3[[3\]]
 
+If there are bugfixes of the parts, these shall be used.
+
 == Notice
 
 Copyright: Industrial Digital Twin Association e.V. (IDTA)
 
-DOI: https://doi.org/10.62628/IDTA.01004-3-0
+DOI: https://doi.org/10.62628/IDTA.01004-3-0-1
+
+IDTA Number: IDTA-01004
 
-IDTA Document Number: IDTA-01004-3-0
+Version: 3.0.1
 
 This work is licensed under a
 https://creativecommons.org/licenses/by/4.0/[Creative Commons Attribution 4.0 International License].
 
 SPDX-License-Identifier: CC-BY-4.0
 
-May 2025
+July 2025
 
 == How to Get in Contact
 

documentation/IDTA-01004/modules/ROOT/partials/bnf/access-rules.bnf

@@ -103,13 +103,13 @@
 <stringComparison> ::=
     ( ( "$starts-with" | "$ends-with" | "$contains" | "$regex") <ws> "(" <ws> <stringOperand> <ws> "," <ws> <stringOperand> <ws> ")" <ws> ) |
     ( <stringOperand> <ws> <allComparisons> <ws> <stringOperand> <ws> ) |
-    ( <stringOperand> <ws> <allComparisons> <ws> <FieldIdentifierString> <ws> ) |
-    ( <FieldIdentifierString> <ws> <allComparisons> <ws> <stringOperand> <ws> )
+    ( <stringOperand> <ws> <allComparisons> <ws> <FieldIdentifier> <ws> ) |
+    ( <FieldIdentifier> <ws> <allComparisons> <ws> <stringOperand> <ws> )
 
 <numericalComparison> ::=
     ( <numericalOperand> <ws> <allComparisons> <ws> <numericalOperand> <ws> ) |
-    ( <numericalOperand> <ws> <allComparisons> <ws> <FieldIdentifierString> <ws> ) |
-    ( <FieldIdentifierString> <ws> <allComparisons> <ws> <numericalOperand> <ws> )
+    ( <numericalOperand> <ws> <allComparisons> <ws> <FieldIdentifier> <ws> ) |
+    ( <FieldIdentifier> <ws> <allComparisons> <ws> <numericalOperand> <ws> )
 
 <hexComparison> ::=
     <hexOperand> <ws> <allComparisons> <ws> <hexOperand> <ws>
@@ -129,7 +129,7 @@
 <operand> ::= <stringOperand> | <numericalOperand> | <hexOperand> | <boolOperand> | <dateTimeOperand> | <timeOperand>
 
 <stringOperand> ::=
-    <FieldIdentifierString> | <StringLiteral> | <castToString> | <SingleAttribute>
+    <FieldIdentifier> | <StringLiteral> | <castToString> | <SingleAttribute>
 
 <numericalOperand> ::=
     <NumericalLiteral> | <castToNumerical> | <dateTimeToNum>
@@ -164,22 +164,21 @@
 <castToTime> ::=
     "time" <ws> "(" <ws> ( <stringOperand> | <dateTimeOperand> ) <ws> ")" <ws>
 
-
 <DateTimeLiteral> ::= <datetime> <ws>
 <TimeLiteral> ::= <time> <ws>
-<datetime> ::= <date> <ws> ( "T" | " " ) <ws> <time> <ws> ( <timezone> <ws> )?
-<date> ::= <year> <ws> "-" <ws> <month> <ws> "-" <ws> <day> <ws>
-<year> ::= <digit> <ws> <digit> <ws> <digit> <ws> <digit> <ws>
-<month> ::= <digit> <ws> <digit> <ws>
-<day> ::= <digit> <ws> <digit> <ws>
-<time> ::= <hour> <ws> ":" <ws> <minute> <ws> ( ":" <ws> <second> <ws> )? ( "." <ws> <fraction> <ws> )?
-<timezone> ::= ( "Z" | ( "+" | "-" ) <ws> <hour> <ws> ":" <ws> <minute> <ws> )
-<hour> ::= <digit> <ws> <digit> <ws>
-<minute> ::= <digit> <ws> <digit> <ws>
-<second> ::= <digit> <ws> <digit> <ws>
-<fraction> ::= <digit>+ <ws>
-
-<digit> ::= [0-9] <ws>
+<datetime> ::= <date> ( "T" | "" ) <time> ( <timezone> )?
+<date> ::= <year> "-" <month> "-" <day>
+<year> ::= <digit> <digit> <digit> <digit>
+<month> ::= <digit> <digit>
+<day> ::= <digit> <digit>
+<time> ::= <hour> ":" <minute> ( ":" <second> )? ( "." <fraction> )?
+<timezone> ::= ( "Z" | ( "+" | "-" ) <hour> ":" <minute> )
+<hour> ::= <digit> <digit>
+<minute> ::= <digit> <digit>
+<second> ::= <digit> <digit>
+<fraction> ::= <digit>+
+ 
+<digit> ::= [0-9]
 <StringLiteral> ::= "\"" ( [A-Z] | [a-z] | [0-9] | "/" | "*" | "[" | "]" | "(" | ")" | " " | "_" | "@" | "#" | "\\" | "+" | "-" | "." | "," | ":" | "$" | "^" )+ "\""
 <ClaimLiteral> ::= <StringLiteral>
 <ReferenceLiteral> ::= <StringLiteral>
@@ -191,8 +190,8 @@
 <NumericalLiteral> ::= ( "+" | "-" )? ( [0-9]+ ( "." [0-9]* )? | "." [0-9]+ ) ( ( "e" | "E" )? [0-9]+ )
 <HexLiteral> ::= "16#" ( [0-9] | [A-F] )+
 <BoolLiteral> ::= "true" | "false"
-<FieldIdentifier> ::= <FieldIdentifierString>
-<FieldIdentifierString> ::= <FieldIdentifierAAS> | <FieldIdentifierSM> | <FieldIdentifierSME> | <FieldIdentifierCD> | <FieldIdentifierAasDescriptor> | <FieldIdentifierSmDescriptor>
+
+<FieldIdentifier> ::= <FieldIdentifierAAS> | <FieldIdentifierSM> | <FieldIdentifierSME> | <FieldIdentifierCD> | <FieldIdentifierAasDescriptor> | <FieldIdentifierSmDescriptor>
 <FieldIdentifierAAS> ::= "$aas#" ( "idShort" | "id" | "assetInformation.assetKind" | "assetInformation.assetType" | "assetInformation.globalAssetId" | "assetInformation." <SpecificAssetIdsClause> | "submodels." <ReferenceClause> )
 <FieldIdentifierSM> ::= "$sm#" ( <SemanticIdClause> | "idShort" | "id" )
 <FieldIdentifierSME> ::= "$sme" ( "." <idShortPath> )? "#" ( <SemanticIdClause> | "idShort" | "value" | "valueType" | "language" )
@@ -205,7 +204,7 @@
 <ReferenceClause> ::= ( "type" | "keys" ( "[" ( [0-9]* ) "]" ) ( ".type" | ".value" ) )
 <SemanticIdClause> ::= ( "semanticId" | "semanticId." <ReferenceClause> )
 <SpecificAssetIdsClause> ::=  ( "specificAssetIds" ( "[" ( [0-9]* ) "]" ) ( ".name" | ".value" | ".externalSubjectId" | ".externalSubjectId." <ReferenceClause> ) )
-<idShortPath> ::= ( <idShort> ("[" ( [0-9]* ) "]" ) ( "." <idShortPath> )* )
+<idShortPath> ::= ( <idShort> ("[" ( [0-9]* ) "]" )* ( "." <idShortPath> )* )
 <idShort> ::= ( ( [a-z] | [A-Z] ) ( [a-z] | [A-Z] | [0-9] | "_" )* )
 
-<ws> ::= ( " " | "\t" | "\r" | "\n" )+
+<ws> ::= ( " " | "\t" | "\r" | "\n" )*

documentation/IDTA-01004/modules/ROOT/partials/examples/allow-read-submodels-id-pattern.bnf

@@ -12,7 +12,7 @@ ACCESSRULE:
         $sm#semanticId $eq "SemanticID-TechnicalData"
       ),
       CLAIM("companyName") $eq "company1-name",
-      $regex(REFERENCE("(Submodel)*#Id"), "^https://company1.com/.*$"),
+      $regex($sm#id, "^https://company1.com/.*$"),
       GLOBAL(UTCNOW) $ge "09:00",
       GLOBAL(UTCNOW) $le "17:00"
     )