]> source.dussan.org Git - archiva.git/blob
projects / archiva.git / blob
? search:


975b9329eb192718bb2db77316e0415ce9aa3143
[archiva.git] /
1 <redback-role-model>
2   <modelVersion>1.0.0</modelVersion>
3   <applications>
4     <application>
5       <id>System</id>
6       <description>Roles that apply system-wide, across all of the applications</description>
7       <version>1.0.0</version>
8       <resources>
9         <resource>
10           <id>global</id>
11           <name>*</name>
12           <permanent>true</permanent>
13           <description>global resource implies full access for authorization</description>
14         </resource>
15         <resource>
16           <id>username</id>
17           <name>${username}</name>
18           <permanent>true</permanent>
19           <description>replaced with the username of the principal at authorization check time</description>
20         </resource>
21       </resources>
22       <operations>
23         <operation>
24           <id>configuration-edit</id>
25           <name>configuration-edit</name>
26           <description>edit configuration</description>
27           <permanent>true</permanent>
28         </operation>
29         <operation>
30           <id>user-management-user-create</id>
31           <name>user-management-user-create</name>
32           <description>create user</description>
33           <permanent>true</permanent>
34         </operation>
35         <operation>
36           <id>user-management-user-edit</id>
37           <name>user-management-user-edit</name>
38           <description>edit user</description>
39           <permanent>true</permanent>
40         </operation>
41         <operation>
42           <id>user-management-user-role</id>
43           <name>user-management-user-role</name>
44           <description>user roles</description>
45           <permanent>true</permanent>
46         </operation>
47         <operation>
48           <id>user-management-user-delete</id>
49           <name>user-management-user-delete</name>
50           <description>delete user</description>
51           <permanent>true</permanent>
52         </operation>
53         <operation>
54           <id>user-management-user-list</id>
55           <name>user-management-user-list</name>
56           <description>list users</description>
57           <permanent>true</permanent>
58         </operation>
59         <operation>
60           <id>user-management-role-grant</id>
61           <name>user-management-role-grant</name>
62           <description>grant role</description>
63           <permanent>true</permanent>
64         </operation>
65         <operation>
66           <id>user-management-role-drop</id>
67           <name>user-management-role-drop</name>
68           <description>drop role</description>
69           <permanent>true</permanent>
70         </operation>
71         <operation>
72           <id>user-management-rbac-admin</id>
73           <name>user-management-rbac-admin</name>
74           <description>administer rbac</description>
75           <permanent>true</permanent>
76         </operation>
77         <operation>
78           <id>guest-access</id>
79           <name>guest-access</name>
80           <description>access guest</description>
81           <permanent>true</permanent>
82         </operation>
83         <operation>
84           <id>user-management-manage-data</id>
85           <name>user-management-manage-data</name>
86           <description>manage data</description>
87           <permanent>true</permanent>
88         </operation>
89       </operations>
90       <roles>
91         <role>
92           <id>system-administrator</id>
93           <name>System Administrator</name>
94           <permanent>true</permanent>
95           <assignable>true</assignable>
96           <permissions>
97             <permission>
98               <id>edit-redback-configuration</id>
99               <name>Edit Redback Configuration</name>
100               <operation>configuration-edit</operation>
101               <resource>global</resource>
102               <permanent>true</permanent>
103             </permission>
104             <permission>
105               <id>manage-rbac-setup</id>
106               <name>User RBAC Management</name>
107               <operation>user-management-rbac-admin</operation>
108               <resource>global</resource>
109               <permanent>true</permanent>
110             </permission>
111             <permission>
112               <id>manage-rbac-data</id>
113               <name>RBAC Manage Data</name>
114               <operation>user-management-manage-data</operation>
115               <resource>global</resource>
116               <permanent>true</permanent>
117             </permission>
118           </permissions>
119           <childRoles>
120             <childRole>user-administrator</childRole>
121           </childRoles>
122         </role>
123         <role>
124           <id>user-administrator</id>
125           <name>User Administrator</name>
126           <permanent>true</permanent>
127           <assignable>true</assignable>
128           <permissions>
129             <permission>
130               <id>drop-roles-for-anyone</id>
131               <name>Drop Roles for Anyone</name>
132               <operation>user-management-role-drop</operation>
133               <resource>global</resource>
134               <permanent>true</permanent>
135             </permission>
136             <permission>
137               <id>grant-roles-for-anyone</id>
138               <name>Grant Roles for Anyone</name>
139               <operation>user-management-role-grant</operation>
140               <resource>global</resource>
141               <permanent>true</permanent>
142             </permission>
143             <permission>
144               <id>user-create</id>
145               <name>Create Users</name>
146               <operation>user-management-user-create</operation>
147               <resource>global</resource>
148               <permanent>true</permanent>
149             </permission>
150             <permission>
151               <id>user-delete</id>
152               <name>Delete Users</name>
153               <operation>user-management-user-delete</operation>
154               <resource>global</resource>
155               <permanent>true</permanent>
156             </permission>
157             <permission>
158               <id>user-edit</id>
159               <name>Edit Users</name>
160               <operation>user-management-user-edit</operation>
161               <resource>global</resource>
162               <permanent>true</permanent>
163             </permission>
164             <permission>
165               <id>access-users-roles</id>
166               <name>Access Users Roles</name>
167               <operation>user-management-user-role</operation>
168               <resource>global</resource>
169               <permanent>true</permanent>
170             </permission>
171             <permission>
172               <id>access-user-list</id>
173               <name>Access User List</name>
174               <operation>user-management-user-list</operation>
175               <resource>global</resource>
176               <permanent>true</permanent>
177             </permission>
178           </permissions>
179         </role>
180         <role>
181           <id>edit-users-list</id>
182           <name>edit users list</name>
183           <permanent>true</permanent>
184           <assignable>true</assignable>
185           <permissions>
186             <permission>
187               <id>access-user-list</id>
188               <name>Access User List</name>
189               <operation>user-management-user-list</operation>
190               <resource>global</resource>
191               <permanent>true</permanent>
192             </permission>
193           </permissions>
194         </role>
195         <role>
196           <id>registered-user</id>
197           <name>Registered User</name>
198           <permanent>true</permanent>
199           <assignable>true</assignable>
200           <permissions>
201             <permission>
202               <id>edit-user-by-username</id>
203               <name>Edit User Data by Username</name>
204               <operation>user-management-user-edit</operation>
205               <resource>username</resource>
206               <permanent>true</permanent>
207             </permission>
208           </permissions>
209         </role>
210         <role>
211           <id>guest</id>
212           <name>Guest</name>
213           <permanent>true</permanent>
214           <assignable>true</assignable>
215           <permissions>
216             <permission>
217               <id>guest-permission</id>
218               <name>Guest Permission</name>
219               <operation>guest-access</operation>
220               <resource>global</resource>
221               <permanent>true</permanent>
222             </permission>
223           </permissions>
224         </role>
225       </roles>
226     </application>
227   </applications>
228 </redback-role-model>
Apache Archiva Repository: https://github.com/apache/archiva