| <?xml version="1.0" encoding="UTF-8"?> |
| <!-- |
| Licensed to the Apache Software Foundation (ASF) under one |
| or more contributor license agreements. See the NOTICE file |
| distributed with this work for additional information |
| regarding copyright ownership. The ASF licenses this file |
| to you under the Apache License, Version 2.0 (the |
| "License"); you may not use this file except in compliance |
| with the License. You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, |
| software distributed under the License is distributed on an |
| "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| KIND, either express or implied. See the License for the |
| specific language governing permissions and limitations |
| under the License. |
| --> |
| |
| <entitymodel xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" |
| xsi:noNamespaceSchemaLocation="http://ofbiz.apache.org/dtds/entitymodel.xsd"> |
| <!-- ========================================================= --> |
| <!-- ======================== Defaults ======================= --> |
| <!-- ========================================================= --> |
| <title>Entity of an Apache OFBiz Component</title> |
| <description>None</description> |
| <version>1.0</version> |
| |
| <!-- ========================================================= --> |
| <!-- ======================== Data Model ===================== --> |
| <!-- The modules in this file are as follows: --> |
| <!-- - org.apache.ofbiz.security.cert --> |
| <!-- - org.apache.ofbiz.security.login --> |
| <!-- - org.apache.ofbiz.security.securitygroup --> |
| <!-- ========================================================= --> |
| |
| |
| <!-- ========================================================= --> |
| <!-- org.apache.ofbiz.security.cert --> |
| <!-- ========================================================= --> |
| <entity entity-name="X509IssuerProvision" |
| package-name="org.apache.ofbiz.security.cert" |
| never-cache="true" |
| title="Valid issuer data for authentication of x.509 certificates"> |
| <field name="certProvisionId" type="id-ne"></field> |
| <field name="commonName" type="value"></field> |
| <field name="organizationalUnit" type="value"></field> |
| <field name="organizationName" type="value"></field> |
| <field name="cityLocality" type="value"></field> |
| <field name="stateProvince" type="value"></field> |
| <field name="country" type="value"></field> |
| <field name="serialNumber" type="value"></field> |
| <prim-key field="certProvisionId"/> |
| </entity> |
| |
| <!-- ========================================================= --> |
| <!-- org.apache.ofbiz.security.login --> |
| <!-- ========================================================= --> |
| |
| <entity entity-name="UserLogin" |
| package-name="org.apache.ofbiz.security.login" |
| title="User Login Entity"> |
| <field name="userLoginId" type="id-vlong-ne"></field> |
| <field name="currentPassword" type="long-varchar"></field> |
| <field name="passwordHint" type="description"></field> |
| <field name="isSystem" type="indicator"></field> |
| <field name="enabled" type="indicator"></field> |
| <field name="hasLoggedOut" type="indicator"></field> |
| <field name="requirePasswordChange" type="indicator"></field> |
| <field name="lastCurrencyUom" type="id"></field> |
| <field name="lastLocale" type="very-short"></field> |
| <field name="lastTimeZone" type="id-long"></field> |
| <field name="disabledDateTime" type="date-time"></field> |
| <field name="successiveFailedLogins" type="numeric"></field> |
| <field name="externalAuthId" type="id-vlong-ne"> |
| <description>For use with external authentication; the userLdapDn should be replaced with this</description> |
| </field> |
| <field name="userLdapDn" type="id-vlong-ne"> |
| <description>The user's LDAP Distinguished Name - used for LDAP authentication</description> |
| </field> |
| <field name="disabledBy" type="id-vlong"></field> |
| <prim-key field="userLoginId"/> |
| </entity> |
| <entity entity-name="UserLoginPasswordHistory" |
| package-name="org.apache.ofbiz.security.login" |
| never-cache="true" |
| title="User Login Password History Entity"> |
| <field name="userLoginId" type="id-vlong-ne"></field> |
| <field name="fromDate" type="date-time"></field> |
| <field name="thruDate" type="date-time"></field> |
| <field name="currentPassword" type="long-varchar"></field> |
| <prim-key field="userLoginId"/> |
| <prim-key field="fromDate"/> |
| <relation type="one" fk-name="USER_LPH_USER" rel-entity-name="UserLogin"> |
| <key-map field-name="userLoginId"/> |
| </relation> |
| </entity> |
| <entity entity-name="UserLoginHistory" |
| package-name="org.apache.ofbiz.security.login" |
| never-cache="true" |
| title="User Login History Entity"> |
| <field name="userLoginId" type="id-vlong-ne"></field> |
| <field name="visitId" type="id"></field> |
| <field name="fromDate" type="date-time"></field> |
| <field name="thruDate" type="date-time"></field> |
| <field name="passwordUsed" type="long-varchar" encrypt="true"></field> |
| <field name="successfulLogin" type="indicator"></field> |
| <prim-key field="userLoginId"/> |
| <prim-key field="fromDate"/> |
| <relation type="one" fk-name="USER_LH_USER" rel-entity-name="UserLogin"> |
| <key-map field-name="userLoginId"/> |
| </relation> |
| </entity> |
| <entity entity-name="UserLoginSession" |
| package-name="org.apache.ofbiz.security.login" |
| never-cache="true" |
| title="User Login History Entity"> |
| <field name="userLoginId" type="id-vlong-ne"></field> |
| <field name="savedDate" type="date-time"></field> |
| <field name="sessionData" type="very-long"></field> |
| <prim-key field="userLoginId"/> |
| <relation type="one" fk-name="USER_SESSION_USER" rel-entity-name="UserLogin"> |
| <key-map field-name="userLoginId"/> |
| </relation> |
| </entity> |
| |
| <!-- ========================================================= --> |
| <!-- org.apache.ofbiz.security.securitygroup --> |
| <!-- ========================================================= --> |
| |
| <entity entity-name="SecurityGroup" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| default-resource-name="SecurityEntityLabels" |
| title="Security Component - Security Group Entity"> |
| <field name="groupId" type="id-ne"></field> |
| <field name="description" type="description"></field> |
| <prim-key field="groupId"/> |
| </entity> |
| <entity entity-name="SecurityGroupPermission" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| title="Security Component - Security Group Permission Entity"> |
| <description>Defines a permission available to a security group; there is no FK to SecurityPermission because we want to leave open the possibility of ad-hoc permissions, especially for the Entity Data Maintenance pages which have TONS of permissions</description> |
| <field name="groupId" type="id-ne"></field> |
| <field name="permissionId" type="id-long-ne"></field> |
| <prim-key field="groupId"/> |
| <prim-key field="permissionId"/> |
| <relation type="one" fk-name="SEC_GRP_PERM_GRP" rel-entity-name="SecurityGroup"> |
| <key-map field-name="groupId"/> |
| </relation> |
| <relation type="one-nofk" rel-entity-name="SecurityPermission"> |
| <key-map field-name="permissionId"/> |
| </relation> |
| </entity> |
| <entity entity-name="SecurityPermission" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| default-resource-name="SecurityEntityLabels" |
| title="Security Component - Security Permission Entity"> |
| <field name="permissionId" type="id-long-ne"></field> |
| <field name="description" type="description"></field> |
| <prim-key field="permissionId"/> |
| </entity> |
| <view-entity entity-name="UserLoginAndSecurityGroup" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| never-cache="true" |
| title="UserLogin And SecurityGroup View Entity"> |
| <member-entity entity-alias="ULSG" entity-name="UserLoginSecurityGroup"/> |
| <member-entity entity-alias="UL" entity-name="UserLogin"/> |
| <alias-all entity-alias="ULSG"/> |
| <alias-all entity-alias="UL"/> |
| <view-link entity-alias="ULSG" rel-entity-alias="UL"> |
| <key-map field-name="userLoginId"/> |
| </view-link> |
| </view-entity> |
| <entity entity-name="UserLoginSecurityGroup" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| title="Security Component - User Login Security Group Entity"> |
| <description>Maps a UserLogin to a security group</description> |
| <field name="userLoginId" type="id-vlong-ne"></field> |
| <field name="groupId" type="id-ne"></field> |
| <field name="fromDate" type="date-time"></field> |
| <field name="thruDate" type="date-time"></field> |
| <prim-key field="userLoginId"/> |
| <prim-key field="groupId"/> |
| <prim-key field="fromDate"/> |
| <relation type="one" fk-name="USER_SECGRP_USER" rel-entity-name="UserLogin"> |
| <key-map field-name="userLoginId"/> |
| </relation> |
| <relation type="one" fk-name="USER_SECGRP_GRP" rel-entity-name="SecurityGroup"> |
| <key-map field-name="groupId"/> |
| </relation> |
| <relation type="many" rel-entity-name="SecurityGroupPermission"> |
| <key-map field-name="groupId"/> |
| </relation> |
| </entity> |
| <entity entity-name="ProtectedView" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| title="Security Component - Protected View Entity"> |
| <description>Defines views protected from data leakage</description> |
| <field name="groupId" type="id-ne"></field> |
| <field name="viewNameId" type="id-long-ne"><description>name of view to protect from data theft</description></field> |
| <field name="maxHits" type="numeric"><description>number of hits before tarpitting a login for a view</description></field> |
| <field name="maxHitsDuration" type="numeric"><description>period of time associated with maxHits (in seconds)</description></field> |
| <field name="tarpitDuration" type="numeric"><description>period of time a login will not be able to acces this view again (in seconds)</description></field> |
| <prim-key field="groupId"/> |
| <prim-key field="viewNameId"/> |
| <relation type="one" fk-name="VIEW_SECGRP_GRP" rel-entity-name="SecurityGroup"> |
| <key-map field-name="groupId"/> |
| </relation> |
| <relation type="many" rel-entity-name="SecurityGroupPermission"> |
| <key-map field-name="groupId"/> |
| </relation> |
| </entity> |
| <view-entity entity-name="UserLoginAndProtectedView" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| title="UserLogin And ProtectedView View Entity"> |
| <member-entity entity-alias="ULSGPV" entity-name="UserLoginSecurityGroup"/> |
| <member-entity entity-alias="PV" entity-name="ProtectedView"/> |
| <alias-all entity-alias="ULSGPV"/> |
| <alias-all entity-alias="PV"/> |
| <view-link entity-alias="ULSGPV" rel-entity-alias="PV"> |
| <key-map field-name="groupId"/> |
| </view-link> |
| </view-entity> |
| <entity entity-name="TarpittedLoginView" |
| package-name="org.apache.ofbiz.security.securitygroup" |
| title="Security Component - Protected View Entity"> |
| <description>Login View couple currently tarpitted : any access to the view for the login is denied</description> |
| <field name="viewNameId" type="id-long-ne"><description>name of view protected from data theft</description></field> |
| <field name="userLoginId" type="id-vlong-ne"/> |
| <field name="tarpitReleaseDateTime" type="numeric"><description>Date/Time at which the login will gain anew access to the view (in milliseconds from midnight, January 1, 1970 UTC , 0 meaning no tarpit to allow the admin to free a view and to keep history</description></field> |
| <prim-key field="viewNameId"/> |
| <prim-key field="userLoginId"/> |
| </entity> |
| <entity entity-name="UserLoginSecurityQuestion" package-name="org.apache.ofbiz.security.login"> |
| <field name="questionEnumId" type="id-ne" /> |
| <field name="userLoginId" type="id-vlong-ne" /> |
| <field name="securityAnswer" type="description" /> |
| <prim-key field="questionEnumId"/> |
| <prim-key field="userLoginId"/> |
| <relation rel-entity-name="Enumeration" type="one" fk-name="SECQ_ENUM"> |
| <key-map field-name="questionEnumId" rel-field-name="enumId"/> |
| </relation> |
| <relation rel-entity-name="UserLogin" type="one" fk-name="ULGNSECQ_ULGN"> |
| <key-map field-name="userLoginId"/> |
| </relation> |
| </entity> |
| </entitymodel> |
