| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| ~ Licensed to the Apache Software Foundation (ASF) under one |
| ~ or more contributor license agreements. See the NOTICE file |
| ~ distributed with this work for additional information |
| ~ regarding copyright ownership. The ASF licenses this file |
| ~ to you under the Apache License, Version 2.0 (the |
| ~ "License"); you may not use this file except in compliance |
| ~ with the License. You may obtain a copy of the License at |
| ~ |
| ~ http://www.apache.org/licenses/LICENSE-2.0 |
| ~ |
| ~ Unless required by applicable law or agreed to in writing, |
| ~ software distributed under the License is distributed on an |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| ~ KIND, either express or implied. See the License for the |
| ~ specific language governing permissions and limitations |
| ~ under the License. |
| --> |
| <model> |
| <id>rbac-jdo</id> |
| <name>RbacJdoModel</name> |
| <version>1.0.1</version> |
| <defaults> |
| <default> |
| <key>package</key> |
| <value>org.codehaus.plexus.security.authorization.rbac.jdo</value> |
| </default> |
| </defaults> |
| <classes> |
| <class rootElement="true" |
| stash.storable="false"> |
| <name>RbacDatabase</name> |
| <version>1.0.1+</version> |
| <fields> |
| <field> |
| <name>roles</name> |
| <version>1.0.1+</version> |
| <association> |
| <type>JdoRole</type> |
| <multiplicity>*</multiplicity> |
| </association> |
| </field> |
| <field> |
| <name>userAssignments</name> |
| <version>1.0.1+</version> |
| <association> |
| <type>JdoUserAssignment</type> |
| <multiplicity>*</multiplicity> |
| </association> |
| </field> |
| </fields> |
| </class> |
| |
| <class stash.storable="true" |
| jpox.table="SECURITY_ROLES" |
| jpox.not-persisted-fields="modelEncoding"> |
| <name>JdoRole</name> |
| <version>1.0.0+</version> |
| <fields> |
| <field jpox.primary-key="true" jpox.value-strategy="off"> |
| <name>name</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| <identifier>true</identifier> |
| </field> |
| <field> |
| <name>description</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| </field> |
| <field> |
| <name>assignable</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this role is available to be assigned to a user |
| </description> |
| </field> |
| <field> |
| <name>permanent</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this object is permanent. |
| </description> |
| </field> |
| <field jpox.persistence-modifier="persistent" |
| jpox.fetchGroupNames="role-child-detail" |
| jpox.join-table="ROLE_CHILDROLE_MAP"> |
| <name>childRoleNames</name> |
| <version>1.0.0+</version> |
| <association stash.part="true" |
| jpox.join="true" |
| java.init="field" |
| jpox.dependent="false" |
| java.generate-break="false" |
| java.generate-create="false"> |
| <type>String</type> |
| <multiplicity>*</multiplicity> |
| </association> |
| <description> |
| roles that will inherit the permissions of this role |
| </description> |
| </field> |
| <field jpox.fetchGroupNames="role-child-detail" |
| jpox.join-table="ROLE_PERMISSION_MAP"> |
| <name>permissions</name> |
| <version>1.0.0+</version> |
| <association stash.part="true" |
| jpox.join="true" |
| jpox.dependent="false" |
| java.init="field" |
| java.generate-break="false" |
| java.generate-create="false"> |
| <type>JdoPermission</type> |
| <multiplicity>*</multiplicity> |
| </association> |
| </field> |
| </fields> |
| </class> |
| |
| <class stash.storable="true" |
| jpox.table="PERMISSIONS" |
| jpox.not-persisted-fields="modelEncoding"> |
| <name>JdoPermission</name> |
| <version>1.0.0+</version> |
| <fields> |
| <field jpox.primary-key="true" jpox.value-strategy="off"> |
| <name>name</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| <identifier>true</identifier> |
| </field> |
| <field> |
| <name>description</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| </field> |
| <field> |
| <name>permanent</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this object is permanent. |
| </description> |
| </field> |
| <field jpox.indexed="true" |
| jpox.column="SECURITY_OPERATIONS"> |
| <name>operation</name> |
| <version>1.0.0+</version> |
| <association stash.part="true" |
| jpox.dependent="false"> |
| <type>JdoOperation</type> |
| <multiplicity>1</multiplicity> |
| </association> |
| </field> |
| <field jpox.indexed="true" |
| jpox.column="SECURITY_RESOURCES"> |
| <name>resource</name> |
| <version>1.0.0+</version> |
| <association stash.part="true" |
| jpox.dependent="false"> |
| <type>JdoResource</type> |
| <multiplicity>1</multiplicity> |
| </association> |
| </field> |
| </fields> |
| </class> |
| |
| <class stash.storable="true" |
| jpox.table="OPERATIONS" |
| jpox.not-persisted-fields="modelEncoding"> |
| <name>JdoOperation</name> |
| <version>1.0.0+</version> |
| <fields> |
| <field jpox.primary-key="true" jpox.value-strategy="off"> |
| <name>name</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| <identifier>true</identifier> |
| </field> |
| <field> |
| <name>description</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| </field> |
| <field> |
| <name>permanent</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this object is permanent. |
| </description> |
| </field> |
| <field> |
| <name>resourceRequired</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if the resource is required for authorization to be granted |
| </description> |
| </field> |
| </fields> |
| </class> |
| |
| <class stash.storable="true" |
| jpox.table="RESOURCES" |
| jpox.not-persisted-fields="modelEncoding"> |
| <name>JdoResource</name> |
| <version>1.0.0+</version> |
| <description> |
| In RBAC terms, this is the entity which an operation is associated with that which permissions are based on. |
| </description> |
| <fields> |
| <field jpox.primary-key="true" jpox.value-strategy="off"> |
| <name>identifier</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| <description> |
| The string identifier for an operation. |
| </description> |
| <identifier>true</identifier> |
| </field> |
| <field> |
| <name>pattern</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if the identifer is a pattern that is to be evaluated, for example x.* could match x.a or x.b and x.** |
| could match x.foo |
| </description> |
| </field> |
| <field> |
| <name>permanent</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this object is permanent. |
| </description> |
| </field> |
| </fields> |
| </class> |
| |
| <class stash.storable="true" |
| jpox.table="USER_ASSIGNMENTS" |
| jpox.not-persisted-fields="modelEncoding"> |
| <name>JdoUserAssignment</name> |
| <description>binding of a principal to a role</description> |
| <version>1.0.0+</version> |
| <fields> |
| <field jpox.primary-key="true" |
| jpox.value-strategy="off" |
| jpox.foreign-key-delete-action="cascade"> |
| <name>principal</name> |
| <version>1.0.0+</version> |
| <type>String</type> |
| <identifier>true</identifier> |
| </field> |
| <field jpox.column="LAST_UPDATED"> |
| <name>timestamp</name> |
| <version>1.0.0+</version> |
| <type>Date</type> |
| </field> |
| <field> |
| <name>permanent</name> |
| <version>1.0.0+</version> |
| <type>boolean</type> |
| <description> |
| true if this object is permanent. |
| </description> |
| </field> |
| <field java.adder="false" |
| jpox.persistence-modifier="persistent" |
| jpox.indexed="true" |
| jpox.join-table="USERASSIGNMENT_ROLENAMES"> |
| <name>roleNames</name> |
| <version>1.0.0+</version> |
| <association stash.part="true" |
| jpox.join="true" |
| java.init="field" |
| java.generate-break="false" |
| java.generate-create="false"> |
| <type>String</type> |
| <multiplicity>*</multiplicity> |
| </association> |
| </field> |
| </fields> |
| </class> |
| </classes> |
| </model> |
