xdocs/example.xml - turbine-fulcrum-security - Git at Google

 <?xml version="1.0"?>
 <!--
  Licensed to the Apache Software Foundation (ASF) under one
  or more contributor license agreements.  See the NOTICE file
  distributed with this work for additional information
  regarding copyright ownership.  The ASF licenses this file
  to you under the Apache License, Version 2.0 (the
  "License"); you may not use this file except in compliance
  with the License.  You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing,
  software distributed under the License is distributed on an
  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  KIND, either express or implied.  See the License for the
  specific language governing permissions and limitations
  under the License.
 -->

 <document>

   <properties>
     <title>Example of the security models</title>
     <author email="hhernandez@itweb.com.mx">Humberto Hernandez</author>
   </properties>

   <body>

   <section name="Example">
     <subsection name="Requirements">
       <p>
       This is example is inspired in Scarab but it doesn't follow it exactly. The system controls bug reports in a software project.
       The system allows  the following operations.
       </p>
       <ul>
         <li>create an issue.</li>
         <li>view an issue.</li>
         <li>modify an issue.</li>
         <li>close an issue.</li>
       </ul>
       <p>The system is able to manage several projects.</p>
       <ul>
         <li>Project A.</li>
         <li>Project B.</li>
       </ul>
       <p>And there are several roles in each project:</p>
       <ul>
         <li>Manager - It can create an issue, view an issue, modify an issue and close an issue.</li>
         <li>Developer - It can create an issue, view an issue and modify an issue.</li>
         <li>Observer - It can view an issue.</li>
       </ul>
       <p>Project A has the following roles and users:</p>
       <ul>
         <li>Salma is the manager.</li>
         <li>Britney and Demi are developers.</li>
         <li>Cameron is an observer.</li>
       </ul>
       <p>Project B has the following roles and users:</p>
       <ul>
         <li>Demi is the manager.</li>
         <li>Madona and Britney are developers.</li>
         <li>Barbara is an observer.</li>
       </ul>
     </subsection>
     <subsection name="Turbine">
     <ul>
     <li>Declare two groups. One for each project.</li>
     <li>Declare four permissions. One for each operation.</li>
     <li>Declare three roles. Manager, Developer and Observer</li>
     <li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
     <li>Grant Salma the role of manager in project A.</li>
     <li>Grant Britney the role of develop in projects A and B.</li>
     <li>Grant Demi the role of developer in project A and the role of manager in project B</li>
     <li>Grant Cameron the role of observer in project A.</li>
     <li>Grant Madona the role of developer in project B.</li>
     <li>Grant Barbara the role of observer in project B.</li>
     </ul>
     </subsection>
     <subsection name="Dynamic">
     <ul>
     <li>Declare a group of "managers for project A"</li>
     <li>Declare a group of "developers for project A"</li>
     <li>Declare a group of "observers for project A"</li>
     <li>Declare a group of "managers for project B"</li>
     <li>Declare a group of "developers for project B"</li>
     <li>Declare a group of "observers for project B"</li>
     <li>Declare four permissions. One for each operation.</li>
     <li>Declare three roles. Manager, Developer and Observer</li>
     <li>Declare another three groups. One for each role.</li>
     <li>Declare another two roles. One for each</li>
     <li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
     <li>Make Salma, Britney, Demi and Cameron part of group "project A".</li>
     <li>Make Demi, Madona, Britney and Barbara part of group "project B".</li>
     </ul>
     <p>We need to do more work on this</p>
     </subsection>
     <subsection name="Basic">
     <ul>
     <li>Declare two groups. One for each project</li>
     <li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
     <li>Make Salma, Britney, Demi and Cameron part of group "project A".</li>
     <li>Make Demi, Madona, Britney and Barbara part of group "project B".</li>
     </ul>
     <p>
     With this configuration you can control that one project is afected only by the members
     of the project. However, you don't have control over which operations can be done by each member
     within the project.
     </p>
     </subsection>

   </section>
   </body>
 </document>
	<?xml version="1.0"?>
	<!--
	Licensed to the Apache Software Foundation (ASF) under one
	or more contributor license agreements. See the NOTICE file
	distributed with this work for additional information
	regarding copyright ownership. The ASF licenses this file
	to you under the Apache License, Version 2.0 (the
	"License"); you may not use this file except in compliance
	with the License. You may obtain a copy of the License at

	http://www.apache.org/licenses/LICENSE-2.0

	Unless required by applicable law or agreed to in writing,
	software distributed under the License is distributed on an
	"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	KIND, either express or implied. See the License for the
	specific language governing permissions and limitations
	under the License.
	-->

	<document>

	<properties>
	<title>Example of the security models</title>
	<author email="hhernandez@itweb.com.mx">Humberto Hernandez</author>
	</properties>

	<body>

	<section name="Example">
	<subsection name="Requirements">
	<p>
	This is example is inspired in Scarab but it doesn't follow it exactly. The system controls bug reports in a software project.
	The system allows the following operations.
	</p>
	<ul>
	<li>create an issue.</li>
	<li>view an issue.</li>
	<li>modify an issue.</li>
	<li>close an issue.</li>
	</ul>
	<p>The system is able to manage several projects.</p>
	<ul>
	<li>Project A.</li>
	<li>Project B.</li>
	</ul>
	<p>And there are several roles in each project:</p>
	<ul>
	<li>Manager - It can create an issue, view an issue, modify an issue and close an issue.</li>
	<li>Developer - It can create an issue, view an issue and modify an issue.</li>
	<li>Observer - It can view an issue.</li>
	</ul>
	<p>Project A has the following roles and users:</p>
	<ul>
	<li>Salma is the manager.</li>
	<li>Britney and Demi are developers.</li>
	<li>Cameron is an observer.</li>
	</ul>
	<p>Project B has the following roles and users:</p>
	<ul>
	<li>Demi is the manager.</li>
	<li>Madona and Britney are developers.</li>
	<li>Barbara is an observer.</li>
	</ul>
	</subsection>
	<subsection name="Turbine">
	<ul>
	<li>Declare two groups. One for each project.</li>
	<li>Declare four permissions. One for each operation.</li>
	<li>Declare three roles. Manager, Developer and Observer</li>
	<li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
	<li>Grant Salma the role of manager in project A.</li>
	<li>Grant Britney the role of develop in projects A and B.</li>
	<li>Grant Demi the role of developer in project A and the role of manager in project B</li>
	<li>Grant Cameron the role of observer in project A.</li>
	<li>Grant Madona the role of developer in project B.</li>
	<li>Grant Barbara the role of observer in project B.</li>
	</ul>
	</subsection>
	<subsection name="Dynamic">
	<ul>
	<li>Declare a group of "managers for project A"</li>
	<li>Declare a group of "developers for project A"</li>
	<li>Declare a group of "observers for project A"</li>
	<li>Declare a group of "managers for project B"</li>
	<li>Declare a group of "developers for project B"</li>
	<li>Declare a group of "observers for project B"</li>
	<li>Declare four permissions. One for each operation.</li>
	<li>Declare three roles. Manager, Developer and Observer</li>
	<li>Declare another three groups. One for each role.</li>
	<li>Declare another two roles. One for each</li>
	<li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
	<li>Make Salma, Britney, Demi and Cameron part of group "project A".</li>
	<li>Make Demi, Madona, Britney and Barbara part of group "project B".</li>
	</ul>
	<p>We need to do more work on this</p>
	</subsection>
	<subsection name="Basic">
	<ul>
	<li>Declare two groups. One for each project</li>
	<li>Create users for Salma, Britney, Demi, Cameron, Madona and Barbara</li>
	<li>Make Salma, Britney, Demi and Cameron part of group "project A".</li>
	<li>Make Demi, Madona, Britney and Barbara part of group "project B".</li>
	</ul>
	<p>
	With this configuration you can control that one project is afected only by the members
	of the project. However, you don't have control over which operations can be done by each member
	within the project.
	</p>
	</subsection>

	</section>
	</body>
	</document>