From 9f24d7ed1fb74d3cf1d098b5f3f53e9b023608ea Mon Sep 17 00:00:00 2001
From: Martin Haase <martin.haase@daasi.de>
Date: Thu, 15 Jul 2010 15:07:05 +0000
Subject: [PATCH] current ldap schemas

git-svn-id: https://textgridlab.org/svn/textgrid/trunk/middleware/tgauth@6698 7c539038-3410-0410-b1ec-0f2a7bf1c452
---
 .../ldap-schemas/rbac.schema                  | 143 ++++++++++++++++++
 .../ldap-schemas/textgrid.schema              | 117 ++++++++++++++
 2 files changed, 260 insertions(+)
 create mode 100644 info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema
 create mode 100644 info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema

diff --git a/info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema
new file mode 100644
index 0000000..5377700
--- /dev/null
+++ b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/rbac.schema
@@ -0,0 +1,143 @@
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.1
+	NAME 'rbacName'
+	DESC 'Eindeutiger Name eines RBAC-Eintrags'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.2
+	NAME 'rbacResourceName'
+	DESC 'Eine Resource, die mit RBAC verwaltet wird'
+	EQUALITY caseIgnoreMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.3
+	NAME 'rbacOperation'
+	DESC 'Eine Operation, die auf eine rbacResource anwendbar ist'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.4
+	NAME 'rbacPerformer'
+	DESC 'Inhaber einer Role'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.5
+	NAME 'rbacAllow'
+	DESC 'Berechtigung einer Role'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.6
+	NAME 'rbacSessionRole'
+	DESC 'Eine aktive Session-Rolle'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.7
+	NAME 'rbacSessionUser'
+	DESC 'Der Besitzer einer Session'
+	EQUALITY caseIgnoreMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.8
+	NAME 'rbacDescription'
+	DESC 'Eine RBAC-spezifische Beschreibung'
+	EQUALITY caseIgnoreMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.9
+	NAME 'rbacPermission'
+	DESC 'Eine Berechtigung bestehend aus Rolle und Operation'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.10
+	NAME 'rbacSDRole'
+	DESC 'Eine Rolle in einem SSD- oder DSD-Set'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.11
+	NAME 'rbacCardinality'
+	DESC 'Die Kardinalitaet eine SSD- oder DSD-Set'
+	EQUALITY integerMatch
+	ORDERING integerOrderingMatch
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.12
+	NAME 'rbacSessionCreationTimestamp'
+	DESC 'Der Zeitpunkt, zu dem eine Session angelegt wurde'
+	EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+
+attributetype ( 1.3.6.1.4.1.10126.1.23.1.3.13
+        NAME 'rbacSessionCheckTimestamp'
+        DESC 'Der Zeitpunkt, zu dem eine Session das letzte mal
+              verwendet wurde, um eine Entscheidung zu treffen.'
+        EQUALITY generalizedTimeMatch
+	ORDERING generalizedTimeOrderingMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.2
+	NAME 'rbacRole'
+	DESC 'Eine RBAC-Rolle'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName )
+	MAY ( rbacAllow $ rbacPerformer $ rbacDescription ) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.3
+	NAME 'rbacSession'
+	DESC 'Eine RBAC-Session'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacSessionUser $ rbacSessionCreationTimestamp )
+	MAY ( rbacSessionRole $ rbacDescription $ rbacSessionCheckTimestamp ) )
+
+
+objectClass ( 1.3.6.1.4.1.10126.1.23.1.4.4
+	NAME 'rbacResource'
+	DESC 'Eine RBAC-Resource'
+	AUXILIARY
+	MAY ( rbacName $ rbacOperation $ rbacDescription $ rbacPermission ) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.5
+	NAME 'rbacSSD'
+	DESC 'Ein SSD-Set'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacCardinality )
+	MAY ( rbacSDRole ) )
+
+objectclass ( 1.3.6.1.4.1.10126.1.23.1.4.6
+	NAME 'rbacDSD'
+	DESC 'Ein DSD-Set'
+	SUP top
+	STRUCTURAL
+	MUST ( rbacName $ rbacCardinality )
+	MAY ( rbacSDRole ) )
diff --git a/info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema
new file mode 100644
index 0000000..d06e76c
--- /dev/null
+++ b/info.textgrid.middleware.tgauth.rbac/ldap-schemas/textgrid.schema
@@ -0,0 +1,117 @@
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.1
+	NAME 'TGResourceURI'
+	DESC 'URI of a Textgrid object'
+	EQUALITY caseExactMatch
+	SUBSTR caseExactSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.8
+	NAME 'TGProjectFile'
+	DESC 'URI of the Textgrid object representing the ProjectFile for a TextGridProject'
+	EQUALITY caseExactMatch
+	SUBSTR caseExactSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.2
+	NAME 'TGResourceOwner'
+	DESC 'Owner of a Textgrid object, in eduPersonPrincipalName format'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.3
+	NAME 'TGProjectId'
+	DESC 'Id of TextGrid project, format: tgpr123'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.4
+	NAME 'TGProjectName'
+	DESC '(short) Name of TextGrid project'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.5
+	NAME 'TGProjectDescription'
+	DESC '(longer) description of TextGrid project'
+	EQUALITY caseIgnoreMatch
+	SUBSTR caseIgnoreSubstringsMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.6
+	NAME 'TGisPublic'
+	DESC 'Flag if this TextGrid Resource is publicly readable'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.7
+	NAME 'TGProjectDeactivated'
+	DESC 'Flag if the project is deactivated'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.9
+	NAME 'TGWantsNewsletter'
+	DESC 'Flag if the user wants the TextGrid newsletter'
+	EQUALITY booleanMatch
+	SINGLE-VALUE
+	SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.10
+        NAME 'TGisProjectFile'
+        DESC 'Flag if the project is deactivated'
+	EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.11
+        NAME 'TGagreeSearch'
+        DESC 'Flag if user agrees to be searchable by name / e-mail'
+        EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+attributetype ( 1.3.6.1.4.1.10126.1.35.3.12
+        NAME 'TGuserSuppliedData'
+        DESC 'Flag if user supplied his personal data (name, mail) himself (set to FALSE if fetched from external source)'
+        EQUALITY booleanMatch
+        SINGLE-VALUE
+        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7 )
+
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.1
+	NAME 'TextGridResource'
+	DESC 'Main ObjectClass of a TextGrid resource'
+	SUP top
+	STRUCTURAL
+	MUST ( TGResourceURI $ TGisPublic $ TGProjectId )
+	MAY ( TGResourceOwner $ TGisProjectFile ) )
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.2
+	NAME 'TextGridProject'
+	DESC 'Auxiliary information for a project role'
+	SUP top
+	AUXILIARY
+	MUST ( TGProjectId )
+	MAY ( TGProjectName $ TGProjectDescription $ TGProjectDeactivated $ TGProjectFile) )
+
+
+objectclass ( 1.3.6.1.4.1.10126.1.35.4.3
+	NAME 'TextGridUser'
+	DESC 'User Account in TextGrid'
+	SUP top
+	AUXILIARY
+	MUST ( )
+	MAY ( TGWantsNewsletter $ TGagreeSearch $ TGuserSuppliedData ) )
+
-- 
GitLab