mirror of https://github.com/apache/archiva.git
use an artifact with test resources from redback to avoid too much file duplication redback-core.xml
git-svn-id: https://svn.apache.org/repos/asf/archiva/trunk@1197359 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Olivier Lamy
parent
f91f284d77
commit
159806983d
|
|
@ -141,6 +141,11 @@
|
|||
<artifactId>redback-users-memory</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<pluginManagement>
|
||||
|
|
|
|||
|
|
@ -1,247 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>System</id>
|
||||
<description>Roles that apply system-wide, across all of the applications</description>
|
||||
<version>1.0.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>global resource implies full access for authorization</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>replaced with the username of the principal at authorization check time</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-manage-data</id>
|
||||
<name>user-management-manage-data</name>
|
||||
<description>manage data</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-data</id>
|
||||
<name>RBAC Manage Data</name>
|
||||
<operation>user-management-manage-data</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>edit-users-list</id>
|
||||
<name>edit users list</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -143,6 +143,11 @@
|
|||
<groupId>org.apache.archiva</groupId>
|
||||
<artifactId>archiva-security-common</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
|
|
|
|||
|
|
@ -1,232 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>System</id>
|
||||
<description>Roles that apply system-wide, across all of the applications</description>
|
||||
<version>1.0.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>global resource implies full access for authorization</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>replaced with the username of the principal at authorization check time</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-manage-data</id>
|
||||
<name>user-management-manage-data</name>
|
||||
<description>manage data</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-data</id>
|
||||
<name>RBAC Manage Data</name>
|
||||
<operation>user-management-manage-data</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -194,6 +194,12 @@
|
|||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
|
|||
|
|
@ -1,232 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>System</id>
|
||||
<description>Roles that apply system-wide, across all of the applications</description>
|
||||
<version>1.0.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>global resource implies full access for authorization</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>replaced with the username of the principal at authorization check time</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-manage-data</id>
|
||||
<name>user-management-manage-data</name>
|
||||
<description>manage data</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-data</id>
|
||||
<name>RBAC Manage Data</name>
|
||||
<operation>user-management-manage-data</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -119,6 +119,13 @@
|
|||
<artifactId>wagon-http</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
|
|||
|
|
@ -1,247 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>System</id>
|
||||
<description>Roles that apply system-wide, across all of the applications</description>
|
||||
<version>1.0.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>global resource implies full access for authorization</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>replaced with the username of the principal at authorization check time</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-manage-data</id>
|
||||
<name>user-management-manage-data</name>
|
||||
<description>manage data</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-data</id>
|
||||
<name>RBAC Manage Data</name>
|
||||
<operation>user-management-manage-data</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>edit-users-list</id>
|
||||
<name>edit users list</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -147,6 +147,11 @@
|
|||
<artifactId>spring-test</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
|
|
|
|||
|
|
@ -1,222 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>Redback XWork Integration Security Core</id>
|
||||
<version>1.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>
|
||||
global resource implies full access for authorization
|
||||
</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>
|
||||
replaced with the username of the principal at authorization
|
||||
check time
|
||||
</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -128,6 +128,11 @@
|
|||
<groupId>org.apache.derby</groupId>
|
||||
<artifactId>derby</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
|
|
|
|||
|
|
@ -1,228 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>Redback XWork Integration Security Core</id>
|
||||
<version>1.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>
|
||||
global resource implies full access for authorization
|
||||
</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>
|
||||
replaced with the username of the principal at authorization
|
||||
check time
|
||||
</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>add-repository</id>
|
||||
<name>add-repository</name>
|
||||
<description>add repository</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
|
|
@ -142,6 +142,11 @@
|
|||
<artifactId>redback-users-memory</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.codehaus.redback</groupId>
|
||||
<artifactId>redback-common-test-resources</artifactId>
|
||||
<scope>test</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<pluginManagement>
|
||||
|
|
|
|||
|
|
@ -1,247 +0,0 @@
|
|||
<!--
|
||||
~ Licensed to the Apache Software Foundation (ASF) under one
|
||||
~ or more contributor license agreements. See the NOTICE file
|
||||
~ distributed with this work for additional information
|
||||
~ regarding copyright ownership. The ASF licenses this file
|
||||
~ to you under the Apache License, Version 2.0 (the
|
||||
~ "License"); you may not use this file except in compliance
|
||||
~ with the License. You may obtain a copy of the License at
|
||||
~
|
||||
~ http://www.apache.org/licenses/LICENSE-2.0
|
||||
~
|
||||
~ Unless required by applicable law or agreed to in writing,
|
||||
~ software distributed under the License is distributed on an
|
||||
~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
~ KIND, either express or implied. See the License for the
|
||||
~ specific language governing permissions and limitations
|
||||
~ under the License.
|
||||
-->
|
||||
|
||||
<redback-role-model>
|
||||
<modelVersion>1.0.0</modelVersion>
|
||||
<applications>
|
||||
<application>
|
||||
<id>System</id>
|
||||
<description>Roles that apply system-wide, across all of the applications</description>
|
||||
<version>1.0.0</version>
|
||||
<resources>
|
||||
<resource>
|
||||
<id>global</id>
|
||||
<name>*</name>
|
||||
<permanent>true</permanent>
|
||||
<description>global resource implies full access for authorization</description>
|
||||
</resource>
|
||||
<resource>
|
||||
<id>username</id>
|
||||
<name>${username}</name>
|
||||
<permanent>true</permanent>
|
||||
<description>replaced with the username of the principal at authorization check time</description>
|
||||
</resource>
|
||||
</resources>
|
||||
<operations>
|
||||
<operation>
|
||||
<id>configuration-edit</id>
|
||||
<name>configuration-edit</name>
|
||||
<description>edit configuration</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-create</id>
|
||||
<name>user-management-user-create</name>
|
||||
<description>create user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-edit</id>
|
||||
<name>user-management-user-edit</name>
|
||||
<description>edit user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-role</id>
|
||||
<name>user-management-user-role</name>
|
||||
<description>user roles</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-delete</id>
|
||||
<name>user-management-user-delete</name>
|
||||
<description>delete user</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-user-list</id>
|
||||
<name>user-management-user-list</name>
|
||||
<description>list users</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-grant</id>
|
||||
<name>user-management-role-grant</name>
|
||||
<description>grant role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-role-drop</id>
|
||||
<name>user-management-role-drop</name>
|
||||
<description>drop role</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-rbac-admin</id>
|
||||
<name>user-management-rbac-admin</name>
|
||||
<description>administer rbac</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>guest-access</id>
|
||||
<name>guest-access</name>
|
||||
<description>access guest</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
<operation>
|
||||
<id>user-management-manage-data</id>
|
||||
<name>user-management-manage-data</name>
|
||||
<description>manage data</description>
|
||||
<permanent>true</permanent>
|
||||
</operation>
|
||||
</operations>
|
||||
<roles>
|
||||
<role>
|
||||
<id>system-administrator</id>
|
||||
<name>System Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-redback-configuration</id>
|
||||
<name>Edit Redback Configuration</name>
|
||||
<operation>configuration-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-setup</id>
|
||||
<name>User RBAC Management</name>
|
||||
<operation>user-management-rbac-admin</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>manage-rbac-data</id>
|
||||
<name>RBAC Manage Data</name>
|
||||
<operation>user-management-manage-data</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
<childRoles>
|
||||
<childRole>user-administrator</childRole>
|
||||
</childRoles>
|
||||
</role>
|
||||
<role>
|
||||
<id>user-administrator</id>
|
||||
<name>User Administrator</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>drop-roles-for-anyone</id>
|
||||
<name>Drop Roles for Anyone</name>
|
||||
<operation>user-management-role-drop</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>grant-roles-for-anyone</id>
|
||||
<name>Grant Roles for Anyone</name>
|
||||
<operation>user-management-role-grant</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-create</id>
|
||||
<name>Create Users</name>
|
||||
<operation>user-management-user-create</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-delete</id>
|
||||
<name>Delete Users</name>
|
||||
<operation>user-management-user-delete</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>user-edit</id>
|
||||
<name>Edit Users</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-users-roles</id>
|
||||
<name>Access Users Roles</name>
|
||||
<operation>user-management-user-role</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>edit-users-list</id>
|
||||
<name>edit users list</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>access-user-list</id>
|
||||
<name>Access User List</name>
|
||||
<operation>user-management-user-list</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>registered-user</id>
|
||||
<name>Registered User</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>edit-user-by-username</id>
|
||||
<name>Edit User Data by Username</name>
|
||||
<operation>user-management-user-edit</operation>
|
||||
<resource>username</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
<role>
|
||||
<id>guest</id>
|
||||
<name>Guest</name>
|
||||
<permanent>true</permanent>
|
||||
<assignable>true</assignable>
|
||||
<permissions>
|
||||
<permission>
|
||||
<id>guest-permission</id>
|
||||
<name>Guest Permission</name>
|
||||
<operation>guest-access</operation>
|
||||
<resource>global</resource>
|
||||
<permanent>true</permanent>
|
||||
</permission>
|
||||
</permissions>
|
||||
</role>
|
||||
</roles>
|
||||
</application>
|
||||
</applications>
|
||||
</redback-role-model>
|
||||
Loading…
Reference in New Issue