current ldap schemas

git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@6698 7c539038-3410-0410-b1ec-0f2a7bf1c452

current ldap schemas
9f24d7ed · Martin Haase · 514f9742 · 9f24d7ed · 9f24d7ed
Commit 9f24d7ed authored 14 years ago by Martin Haase
--- a/info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema
+++ b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.1
+	NAME 'rbacName'
+	DESC 'Eindeutiger Name eines RBAC-Eintrags'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.2
+	NAME 'rbacResourceName'
+	DESC 'Eine Resource, die mit RBAC verwaltet wird'
+	EQUALITY caseIgnoreMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.3
+	NAME 'rbacOperation'
+	DESC 'Eine Operation, die auf eine rbacResource anwendbar ist'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.4
+	NAME 'rbacPerformer'
+	DESC 'Inhaber einer Role'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.5
+	NAME 'rbacAllow'
+	DESC 'Berechtigung einer Role'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.6
+	NAME 'rbacSessionRole'
+	DESC 'Eine aktive Session-Rolle'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.7
+	NAME 'rbacSessionUser'
+	DESC 'Der Besitzer einer Session'
+	EQUALITY caseIgnoreMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.8
+	NAME 'rbacDescription'
+	DESC 'Eine RBAC-spezifische Beschreibung'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.9
+	NAME 'rbacPermission'
+	DESC 'Eine Berechtigung bestehend aus Rolle und Operation'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.10
+	NAME 'rbacSDRole'
+	DESC 'Eine Rolle in einem SSD- oder DSD-Set'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.11
+	NAME 'rbacCardinality'
+	DESC 'Die Kardinalitaet eine SSD- oder DSD-Set'
+	EQUALITY integerMatch
+	ORDERING integerOrderingMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.12
+	NAME 'rbacSessionCreationTimestamp'
+	DESC 'Der Zeitpunkt, zu dem eine Session angelegt wurde'
+	EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.13
+        NAME 'rbacSessionCheckTimestamp'
+        DESC 'Der Zeitpunkt, zu dem eine Session das letzte mal
+              verwendet wurde, um eine Entscheidung zu treffen.'
+        EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.2
+	NAME 'rbacRole'
+	DESC 'Eine RBAC-Rolle'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName )
+	MAY ( rbacAllow $ rbacPerformer $ rbacDescription ) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.3
+	NAME 'rbacSession'
+	DESC 'Eine RBAC-Session'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacSessionUser $ rbacSessionCreationTimestamp )
+	MAY ( rbacSessionRole $ rbacDescription $ rbacSessionCheckTimestamp ) )
+
+
+objectClass ( 1.3.6.1.4.1.10126.1.23.1.4.4
+	NAME 'rbacResource'
+	DESC 'Eine RBAC-Resource'
+	AUXILIARY
+	MAY ( rbacName $ rbacOperation $ rbacDescription $ rbacPermission ) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.5
+	NAME 'rbacSSD'
+	DESC 'Ein SSD-Set'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacCardinality )
+	MAY ( rbacSDRole ) )
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.6
+	NAME 'rbacDSD'
+	DESC 'Ein DSD-Set'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacCardinality )
+	MAY ( rbacSDRole ) )
--- a/info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema
+++ b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.1
+	NAME 'TGResourceURI'
+	DESC 'URI of a Textgrid object'
+	EQUALITY caseExactMatch
+	SUBSTR caseExactSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.8
+	NAME 'TGProjectFile'
+	DESC 'URI of the Textgrid object representing the ProjectFile for a TextGridProject'
+	EQUALITY caseExactMatch
+	SUBSTR caseExactSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.2
+	NAME 'TGResourceOwner'
+	DESC 'Owner of a Textgrid object, in eduPersonPrincipalName format'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.3
+	NAME 'TGProjectId'
+	DESC 'Id of TextGrid project, format: tgpr123'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.4
+	NAME 'TGProjectName'
+	DESC '(short) Name of TextGrid project'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.5
+	NAME 'TGProjectDescription'
+	DESC '(longer) description of TextGrid project'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.6
+	NAME 'TGisPublic'
+	DESC 'Flag if this TextGrid Resource is publicly readable'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.7
+	NAME 'TGProjectDeactivated'
+	DESC 'Flag if the project is deactivated'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.9
+	NAME 'TGWantsNewsletter'
+	DESC 'Flag if the user wants the TextGrid newsletter'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.10
+        NAME 'TGisProjectFile'
+        DESC 'Flag if the project is deactivated'
+	EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.11
+        NAME 'TGagreeSearch'
+        DESC 'Flag if user agrees to be searchable by name / e-mail'
+        EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.12
+        NAME 'TGuserSuppliedData'
+        DESC 'Flag if user supplied his personal data (name, mail) himself (set to FALSE if fetched from external source)'
+        EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.1
+	NAME 'TextGridResource'
+	DESC 'Main ObjectClass of a TextGrid resource'
+	SUP top
+	STRUCTURAL
+	MUST ( TGResourceURI $ TGisPublic $ TGProjectId )
+	MAY ( TGResourceOwner $ TGisProjectFile ) )
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.2
+	NAME 'TextGridProject'
+	DESC 'Auxiliary information for a project role'
+	SUP top
+	AUXILIARY
+	MUST ( TGProjectId )
+	MAY ( TGProjectName $ TGProjectDescription $ TGProjectDeactivated $ TGProjectFile) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.3
+	NAME 'TextGridUser'
+	DESC 'User Account in TextGrid'
+	SUP top
+	AUXILIARY
+	MUST ( )
+	MAY ( TGWantsNewsletter $ TGagreeSearch $ TGuserSuppliedData ) )
+