Google Git
Sign in
apache / archiva-redback-components-modello-plugins / b797be36f33c1a5957ff848f97cc04c506b7fa00 / . / jpox-modello-maven-plugin / src / it / redback-model / src / main / mdo / rbac-jdo.mdo
blob: 06cf57e13883048774030677f25c8254c5b9a7d5 [file] [log] [blame]
<?xml version="1.0"?>
<!--
~ Licensed to the Apache Software Foundation (ASF) under one
~ or more contributor license agreements. See the NOTICE file
~ distributed with this work for additional information
~ regarding copyright ownership. The ASF licenses this file
~ to you under the Apache License, Version 2.0 (the
~ "License"); you may not use this file except in compliance
~ with the License. You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing,
~ software distributed under the License is distributed on an
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
~ KIND, either express or implied. See the License for the
~ specific language governing permissions and limitations
~ under the License.
-->
<model jpox.mapping-in-package="true"
jpox.table-prefix="SECURITY_">
<!-- TODO: there is no reason this model is JDO specific. Shouldn't it be the basis for the various providers? It would dramatically reduce the code in -memory, for example -->
<id>rbac-jdo</id>
<name>RbacJdoModel</name>
<version>1.0.1</version>
<defaults>
<default>
<key>package</key>
<value>org.apache.archiva.redback.components.modello.jpox.plugin</value>
</default>
</defaults>
<classes>
<class rootElement="true"
jpox.stashable="false">
<name>RbacDatabase</name>
<version>1.0.1+</version>
<fields>
<field jpox.column="RBAC_ROLES">
<name>roles</name>
<version>1.0.1+</version>
<association>
<type>JdoRole</type>
<multiplicity>*</multiplicity>
</association>
</field>
<field>
<name>permissions</name>
<version>1.0.1+</version>
<association>
<type>JdoPermission</type>
<multiplicity>*</multiplicity>
</association>
</field>
<field>
<name>operations</name>
<version>1.0.1+</version>
<association>
<type>JdoOperation</type>
<multiplicity>*</multiplicity>
</association>
</field>
<field>
<name>resources</name>
<version>1.0.1+</version>
<association>
<type>JdoResource</type>
<multiplicity>*</multiplicity>
</association>
</field>
<field>
<name>userAssignments</name>
<version>1.0.1+</version>
<association>
<type>JdoUserAssignment</type>
<multiplicity>*</multiplicity>
</association>
</field>
</fields>
</class>
<class jpox.stashable="true"
jpox.table="ROLES"
jpox.not-persisted-fields="modelEncoding">
<name>JdoRole</name>
<version>1.0.0+</version>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>name</name>
<version>1.0.0+</version>
<type>String</type>
<identifier>true</identifier>
</field>
<field>
<name>description</name>
<version>1.0.0+</version>
<type>String</type>
</field>
<field>
<name>assignable</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this role is available to be assigned to a user
</description>
</field>
<field>
<name>permanent</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this object is permanent.
</description>
</field>
<field jpox.persistence-modifier="persistent"
jpox.fetch-groups="role-child-detail"
jpox.join-table="ROLE_CHILDROLE_MAP">
<name>childRoleNames</name>
<version>1.0.0+</version>
<association stash.part="true"
jpox.join="true"
java.init="field"
jpox.dependent="false"
java.generate-break="false"
java.generate-create="false">
<type>String</type>
<multiplicity>*</multiplicity>
</association>
<description>
roles that will inherit the permissions of this role
</description>
</field>
<field jpox.fetch-groups="role-child-detail"
jpox.join-table="ROLE_PERMISSION_MAP">
<name>permissions</name>
<version>1.0.0+</version>
<association stash.part="true"
xml.reference="true"
jpox.join="true"
jpox.dependent="false"
java.init="field"
java.generate-break="false"
java.generate-create="false">
<type>JdoPermission</type>
<multiplicity>*</multiplicity>
</association>
</field>
</fields>
</class>
<class jpox.stashable="true"
jpox.table="PERMISSIONS"
jpox.not-persisted-fields="modelEncoding">
<name>JdoPermission</name>
<version>1.0.0+</version>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>name</name>
<version>1.0.0+</version>
<type>String</type>
<identifier>true</identifier>
</field>
<field>
<name>description</name>
<version>1.0.0+</version>
<type>String</type>
</field>
<field>
<name>permanent</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this object is permanent.
</description>
</field>
<field jpox.indexed="true"
jpox.persistence-modifier="persistent"
jpox.column="RBAC_OPERATION">
<name>operation</name>
<version>1.0.0+</version>
<association stash.part="true"
xml.reference="true"
jpox.dependent="false">
<type>JdoOperation</type>
<multiplicity>1</multiplicity>
</association>
</field>
<field jpox.indexed="true"
jpox.persistence-modifier="persistent"
jpox.column="RBAC_RESOURCE">
<name>resource</name>
<version>1.0.0+</version>
<association stash.part="true"
xml.reference="true"
jpox.dependent="false">
<type>JdoResource</type>
<multiplicity>1</multiplicity>
</association>
</field>
</fields>
</class>
<class jpox.stashable="true"
jpox.table="OPERATIONS"
jpox.not-persisted-fields="modelEncoding">
<name>JdoOperation</name>
<version>1.0.0+</version>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>name</name>
<version>1.0.0+</version>
<type>String</type>
<identifier>true</identifier>
</field>
<field>
<name>description</name>
<version>1.0.0+</version>
<type>String</type>
</field>
<field>
<name>permanent</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this object is permanent.
</description>
</field>
<field>
<name>resourceRequired</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if the resource is required for authorization to be granted
</description>
</field>
</fields>
</class>
<class jpox.stashable="true"
jpox.table="RESOURCES"
jpox.not-persisted-fields="modelEncoding">
<name>JdoResource</name>
<version>1.0.0+</version>
<description>
In RBAC terms, this is the entity which an operation is associated with that which permissions are based on.
</description>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>identifier</name>
<version>1.0.0+</version>
<type>String</type>
<description>
The string identifier for a resource.
</description>
<identifier>true</identifier>
</field>
<field>
<name>pattern</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if the identifer is a pattern that is to be evaluated, for example x.* could match x.a or x.b and x.**
could match x.foo
</description>
</field>
<field>
<name>permanent</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this object is permanent.
</description>
</field>
</fields>
</class>
<class jpox.stashable="true"
jpox.table="USER_ASSIGNMENTS"
jpox.not-persisted-fields="modelEncoding">
<name>JdoUserAssignment</name>
<description>binding of a principal to a role</description>
<fields>
<field jpox.primary-key="true" jpox.value-strategy="off">
<name>principal</name>
<version>1.0.0+</version>
<type>String</type>
<identifier>true</identifier>
</field>
<field jpox.column="LAST_UPDATED">
<name>timestamp</name>
<version>1.0.0+</version>
<type>Date</type>
</field>
<field>
<name>permanent</name>
<version>1.0.0+</version>
<type>boolean</type>
<description>
true if this object is permanent.
</description>
</field>
<field java.adder="false"
jpox.persistence-modifier="persistent"
jpox.indexed="false"
jpox.join-table="USERASSIGNMENT_ROLENAMES">
<name>roleNames</name>
<version>1.0.0+</version>
<association stash.part="true"
jpox.join="true"
java.init="field"
java.generate-break="false"
java.generate-create="false">
<type>String</type>
<multiplicity>*</multiplicity>
</association>
</field>
</fields>
</class>
</classes>
</model>