<redback-role-model>
- <modelVersion>1.0.0</modelVersion>
- <id>Archiva</id>
- <version>1.0</version>
- <operations>
- <operation>
- <id>archiva-manage-users</id>
- <name>archiva-manage-users</name>
- <description>Manage Archiva Users</description>
- </operation>
- <operation>
- <id>archiva-manage-configuration</id>
- <name>archiva-manage-configuration</name>
- <description>Manage Archiva Configuration</description>
- </operation>
- <operation>
- <id>archiva-regenerate-index</id>
- <name>archiva-regenerate-index</name>
- <description>Regenerate Archiva Index</description>
- </operation>
- <operation>
- <id>archiva-run-indexer</id>
- <name>archiva-run-indexer</name>
- <description>Run Archiva Indexer</description>
- </operation>
- <operation>
- <id>archiva-access-reports</id>
- <name>archiva-access-reports</name>
- <description>Access Archiva Reports</description>
- </operation>
- <operation>
- <id>archiva-add-repository</id>
- <name>archiva-add-repository</name>
- <description>Add Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-delete-repository</id>
- <name>archiva-delete-repository</name>
- <description>Delete Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-read-repository</id>
- <name>archiva-read-repository</name>
- <description>Read Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-edit-repository</id>
- <name>archiva-edit-repository</name>
- <description>Edit Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-upload-repository</id>
- <name>archiva-upload-repository</name>
- <description>Upload Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-access-repository</id>
- <name>archiva-access-repository</name>
- <description>Access Archiva Repository</description>
- </operation>
- <operation>
- <id>archiva-guest</id>
- <name>archiva-guest</name>
- <description>Active Archiva Guest</description>
- </operation>
- </operations>
- <roles>
- <role>
- <id>archiva-system-administrator</id>
- <name>Archiva System Administrator</name>
-
<permanent>true</permanent>
-
<assignable>false</assignable>
- <id>archiva-manage-configuration</id>
- <name>archiva-manage-configuration</name>
- <operation>archiva-manage-configuration</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- <id>archiva-manage-users</id>
- <name>archiva-manage-users</name>
- <operation>archiva-manage-users</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- <id>archiva-run-indexer</id>
- <name>archiva-run-indexer</name>
- <operation>archiva-run-indexer</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- <id>archiva-regenerate-index</id>
- <name>archiva-regenerate-index</name>
- <operation>archiva-regenerate-index</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- <id>archiva-access-reports</id>
- <name>archiva-access-reports</name>
- <operation>archiva-access-reports</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- </permissions>
- <childRoles>
- <childRole>archiva-global-repository-manager</childRole>
- </childRoles>
-
<parentRole>system-administrator</parentRole>
- </parentRoles>
- </role>
- <role>
- <id>archiva-user-administrator</id>
- <name>Archiva User Administrator</name>
-
<permanent>true</permanent>
-
<assignable>false</assignable>
- <id>archiva-guest</id>
- <name>Archiva Guest Permission</name>
- <operation>archiva-guest</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- </permissions>
-
<parentRole>user-administrator</parentRole>
- </parentRoles>
- </role>
- <role>
- <id>archiva-guest</id>
- <name>Archiva Guest</name>
-
<permanent>true</permanent>
-
<assignable>false</assignable>
- <id>archiva-guest</id>
- <name>Archiva Guest Permission</name>
- <operation>archiva-guest</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- </permissions>
-
<parentRole>guest</parentRole>
- </parentRoles>
- </role>
- <role>
- <id>archiva-global-repository-manager</id>
- <name>Global Repository Manager</name>
-
<permanent>true</permanent>
-
<assignable>true</assignable>
- <id>archiva-add-repository</id>
- <name>Archiva Add Repository</name>
- <operation>archiva-add-repository</operation>
- <resource>global</resource>
-
<permanent>true</permanent>
- </permission>
- </permissions>
- </role>
- <role>
- <id>archiva-global-repository-observer</id>
- <name>Global Repository Observer</name>
-
<permanent>true</permanent>
-
<assignable>true</assignable>
- </role>
- </roles>
- <templates>
- <template>
- <id>archiva-repository-manager</id>
- <namePrefix>Repository Manager</namePrefix>
-
<assignable>true</assignable>
- <id>archiva-edit-repository</id>
- <name>Archiva Edit Repository</name>
- <operation>archiva-edit-repository</operation>
- <resource>${resource}</resource>
- </permission>
- <id>archiva-delete-repository</id>
- <name>Archiva Delete Repository</name>
- <operation>archiva-delete-repository</operation>
- <resource>${resource}</resource>
- </permission>
- <id>archiva-upload-repository</id>
- <name>Archiva Upload to Repository</name>
- <operation>archiva-upload-repository</operation>
- <resource>${resource}</resource>
- </permission>
- </permissions>
- <childTemplates>
- <childTemplate>archiva-repository-observer</childTemplate>
- </childTemplates>
-
<parentRole>archiva-global-repository-manager</parentRole>
- </parentRoles>
- </template>
- <template>
- <id>archiva-repository-observer</id>
- <namePrefix>Repository Observer</namePrefix>
-
<assignable>true</assignable>
- <id>archiva-read-repository</id>
- <name>Archiva Read Repository</name>
- <operation>archiva-read-repository</operation>
- <resource>${resource}</resource>
- </permission>
- </permissions>
-
<parentRole>archiva-global-repository-observer</parentRole>
- </parentRoles>
- </template>
- </templates>
- </application>
- </applications>
+ <modelVersion>1.0.0</modelVersion>
+ <applications>
+ <application>
+ <id>Archiva</id>
+ <version>1.0</version>
+ <operations>
+ <operation>
+ <id>archiva-manage-users</id>
+ <name>archiva-manage-users</name>
+ <description>Manage Archiva Users</description>
+ </operation>
+ <operation>
+ <id>archiva-manage-configuration</id>
+ <name>archiva-manage-configuration</name>
+ <description>Manage Archiva Configuration</description>
+ </operation>
+ <operation>
+ <id>archiva-regenerate-index</id>
+ <name>archiva-regenerate-index</name>
+ <description>Regenerate Archiva Index</description>
+ </operation>
+ <operation>
+ <id>archiva-run-indexer</id>
+ <name>archiva-run-indexer</name>
+ <description>Run Archiva Indexer</description>
+ </operation>
+ <operation>
+ <id>archiva-access-reports</id>
+ <name>archiva-access-reports</name>
+ <description>Access Archiva Reports</description>
+ </operation>
+ <operation>
+ <id>archiva-add-repository</id>
+ <name>archiva-add-repository</name>
+ <description>Add Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-delete-repository</id>
+ <name>archiva-delete-repository</name>
+ <description>Delete Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-read-repository</id>
+ <name>archiva-read-repository</name>
+ <description>Read Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-edit-repository</id>
+ <name>archiva-edit-repository</name>
+ <description>Edit Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-upload-repository</id>
+ <name>archiva-upload-repository</name>
+ <description>Upload Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-access-repository</id>
+ <name>archiva-access-repository</name>
+ <description>Access Archiva Repository</description>
+ </operation>
+ <operation>
+ <id>archiva-guest</id>
+ <name>archiva-guest</name>
+ <description>Active Archiva Guest</description>
+ </operation>
+ </operations>
+ <roles>
+ <role>
+ <id>archiva-system-administrator</id>
+ <name>Archiva System Administrator</name>
+ <permanent>true</permanent>
+ <assignable>false</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-manage-configuration</id>
+ <name>archiva-manage-configuration</name>
+ <operation>archiva-manage-configuration</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>archiva-manage-users</id>
+ <name>archiva-manage-users</name>
+ <operation>archiva-manage-users</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>archiva-run-indexer</id>
+ <name>archiva-run-indexer</name>
+ <operation>archiva-run-indexer</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>archiva-regenerate-index</id>
+ <name>archiva-regenerate-index</name>
+ <operation>archiva-regenerate-index</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>archiva-access-reports</id>
+ <name>archiva-access-reports</name>
+ <operation>archiva-access-reports</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ <childRoles>
+ <childRole>archiva-global-repository-manager</childRole>
+ </childRoles>
+ <parentRoles>
+ <parentRole>system-administrator</parentRole>
+ </parentRoles>
+ </role>
+ <role>
+ <id>archiva-user-administrator</id>
+ <name>Archiva User Administrator</name>
+ <permanent>true</permanent>
+ <assignable>false</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-guest</id>
+ <name>Archiva Guest Permission</name>
+ <operation>archiva-guest</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ <parentRoles>
+ <parentRole>user-administrator</parentRole>
+ </parentRoles>
+ </role>
+ <role>
+ <id>archiva-guest</id>
+ <name>Archiva Guest</name>
+ <permanent>true</permanent>
+ <assignable>false</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-guest</id>
+ <name>Archiva Guest Permission</name>
+ <operation>archiva-guest</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ <parentRoles>
+ <parentRole>guest</parentRole>
+ </parentRoles>
+ </role>
+ <role>
+ <id>archiva-global-repository-manager</id>
+ <name>Global Repository Manager</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-add-repository</id>
+ <name>Archiva Add Repository</name>
+ <operation>archiva-add-repository</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ <role>
+ <id>archiva-global-repository-observer</id>
+ <name>Global Repository Observer</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ </role>
+ </roles>
+ <templates>
+ <template>
+ <id>archiva-repository-manager</id>
+ <namePrefix>Repository Manager</namePrefix>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-edit-repository</id>
+ <name>Archiva Edit Repository</name>
+ <operation>archiva-edit-repository</operation>
+ <resource>${resource}</resource>
+ </permission>
+ <permission>
+ <id>archiva-delete-repository</id>
+ <name>Archiva Delete Repository</name>
+ <operation>archiva-delete-repository</operation>
+ <resource>${resource}</resource>
+ </permission>
+ <permission>
+ <id>archiva-upload-repository</id>
+ <name>Archiva Upload to Repository</name>
+ <operation>archiva-upload-repository</operation>
+ <resource>${resource}</resource>
+ </permission>
+ </permissions>
+ <childTemplates>
+ <childTemplate>archiva-repository-observer</childTemplate>
+ </childTemplates>
+ <parentRoles>
+ <parentRole>archiva-global-repository-manager</parentRole>
+ </parentRoles>
+ </template>
+ <template>
+ <id>archiva-repository-observer</id>
+ <namePrefix>Repository Observer</namePrefix>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>archiva-read-repository</id>
+ <name>Archiva Read Repository</name>
+ <operation>archiva-read-repository</operation>
+ <resource>${resource}</resource>
+ </permission>
+ </permissions>
+ <parentRoles>
+ <parentRole>archiva-global-repository-observer</parentRole>
+ </parentRoles>
+ </template>
+ </templates>
+ </application>
+ </applications>
</redback-role-model>
\ No newline at end of file
<redback-role-model>
- <modelVersion>1.0.0</modelVersion>
- <applications>
- <application>
- <id>Redback XWork Integration Security Core</id>
- <version>1.0</version>
- <resources>
- <resource>
- <id>global</id>
- <name>*</name>
- <permanent>true</permanent>
- <description>global resource implies full access for authorization</description>
- </resource>
- <resource>
- <id>username</id>
- <name>${username}</name>
- <permanent>true</permanent>
- <description>replaced with the username of the principal at authorization check time</description>
- </resource>
- </resources>
- <operations>
- <operation>
- <id>configuration-edit</id>
- <name>configuration-edit</name>
- <description>edit configuration</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-user-create</id>
- <name>user-management-user-create</name>
- <description>create user</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-user-edit</id>
- <name>user-management-user-edit</name>
- <description>edit user</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-user-role</id>
- <name>user-management-user-role</name>
- <description>user roles</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-user-delete</id>
- <name>user-management-user-delete</name>
- <description>delete user</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-user-list</id>
- <name>user-management-user-list</name>
- <description>list users</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-role-grant</id>
- <name>user-management-role-grant</name>
- <description>grant role</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-role-drop</id>
- <name>user-management-role-drop</name>
- <description>drop role</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>user-management-rbac-admin</id>
- <name>user-management-rbac-admin</name>
- <description>administer rbac</description>
- <permanent>true</permanent>
- </operation>
- <operation>
- <id>guest-access</id>
- <name>guest-access</name>
- <description>access guest</description>
- <permanent>true</permanent>
- </operation>
- </operations>
- <roles>
- <role>
- <id>system-administrator</id>
- <name>System Administrator</name>
- <permanent>true</permanent>
- <assignable>true</assignable>
- <permissions>
- <permission>
- <id>edit-redback-configuration</id>
- <name>Edit Redback Configuration</name>
- <operation>configuration-edit</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>manage-rbac-setup</id>
- <name>User RBAC Management</name>
- <operation>user-management-rbac-admin</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- </permissions>
- <childRoles>
- <childRole>user-administrator</childRole>
- </childRoles>
- </role>
- <role>
- <id>user-administrator</id>
- <name>User Administrator</name>
- <permanent>true</permanent>
- <assignable>true</assignable>
- <permissions>
- <permission>
- <id>drop-roles-for-anyone</id>
- <name>Drop Roles for Anyone</name>
- <operation>user-management-role-drop</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>grant-roles-for-anyone</id>
- <name>Grant Roles for Anyone</name>
- <operation>user-management-role-grant</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>user-create</id>
- <name>Create Users</name>
- <operation>user-management-user-create</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>user-delete</id>
- <name>Delete Users</name>
- <operation>user-management-user-delete</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>user-edit</id>
- <name>Edit Users</name>
- <operation>user-management-user-edit</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>access-users-roles</id>
- <name>Access Users Roles</name>
- <operation>user-management-user-role</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- <permission>
- <id>access-user-list</id>
- <name>Access User List</name>
- <operation>user-management-user-list</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- </permissions>
- </role>
- <role>
- <id>registered-user</id>
- <name>Registered User</name>
- <permanent>true</permanent>
- <assignable>true</assignable>
- <permissions>
- <permission>
- <id>edit-user-by-username</id>
- <name>Edit User Data by Username</name>
- <operation>user-management-user-edit</operation>
- <resource>username</resource>
- <permanent>true</permanent>
- </permission>
- </permissions>
- </role>
- <role>
- <id>guest</id>
- <name>Guest</name>
- <permanent>true</permanent>
- <assignable>true</assignable>
- <permissions>
- <permission>
- <id>guest-permission</id>
- <name>Guest Permission</name>
- <operation>guest-access</operation>
- <resource>global</resource>
- <permanent>true</permanent>
- </permission>
- </permissions>
- </role>
- </roles>
- </application>
- </applications>
+ <modelVersion>1.0.0</modelVersion>
+ <applications>
+ <application>
+ <id>Redback XWork Integration Security Core</id>
+ <version>1.0</version>
+ <resources>
+ <resource>
+ <id>global</id>
+ <name>*</name>
+ <permanent>true</permanent>
+ <description>
+ global resource implies full access for authorization
+ </description>
+ </resource>
+ <resource>
+ <id>username</id>
+ <name>${username}</name>
+ <permanent>true</permanent>
+ <description>
+ replaced with the username of the principal at authorization
+ check time
+ </description>
+ </resource>
+ </resources>
+ <operations>
+ <operation>
+ <id>configuration-edit</id>
+ <name>configuration-edit</name>
+ <description>edit configuration</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-create</id>
+ <name>user-management-user-create</name>
+ <description>create user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-edit</id>
+ <name>user-management-user-edit</name>
+ <description>edit user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-role</id>
+ <name>user-management-user-role</name>
+ <description>user roles</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-delete</id>
+ <name>user-management-user-delete</name>
+ <description>delete user</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-user-list</id>
+ <name>user-management-user-list</name>
+ <description>list users</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-role-grant</id>
+ <name>user-management-role-grant</name>
+ <description>grant role</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-role-drop</id>
+ <name>user-management-role-drop</name>
+ <description>drop role</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>user-management-rbac-admin</id>
+ <name>user-management-rbac-admin</name>
+ <description>administer rbac</description>
+ <permanent>true</permanent>
+ </operation>
+ <operation>
+ <id>guest-access</id>
+ <name>guest-access</name>
+ <description>access guest</description>
+ <permanent>true</permanent>
+ </operation>
+ </operations>
+ <roles>
+ <role>
+ <id>system-administrator</id>
+ <name>System Administrator</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>edit-redback-configuration</id>
+ <name>Edit Redback Configuration</name>
+ <operation>configuration-edit</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>manage-rbac-setup</id>
+ <name>User RBAC Management</name>
+ <operation>user-management-rbac-admin</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ <childRoles>
+ <childRole>user-administrator</childRole>
+ </childRoles>
+ </role>
+ <role>
+ <id>user-administrator</id>
+ <name>User Administrator</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>drop-roles-for-anyone</id>
+ <name>Drop Roles for Anyone</name>
+ <operation>user-management-role-drop</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>grant-roles-for-anyone</id>
+ <name>Grant Roles for Anyone</name>
+ <operation>user-management-role-grant</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-create</id>
+ <name>Create Users</name>
+ <operation>user-management-user-create</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-delete</id>
+ <name>Delete Users</name>
+ <operation>user-management-user-delete</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>user-edit</id>
+ <name>Edit Users</name>
+ <operation>user-management-user-edit</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>access-users-roles</id>
+ <name>Access Users Roles</name>
+ <operation>user-management-user-role</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ <permission>
+ <id>access-user-list</id>
+ <name>Access User List</name>
+ <operation>user-management-user-list</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ <role>
+ <id>registered-user</id>
+ <name>Registered User</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>edit-user-by-username</id>
+ <name>Edit User Data by Username</name>
+ <operation>user-management-user-edit</operation>
+ <resource>username</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ <role>
+ <id>guest</id>
+ <name>Guest</name>
+ <permanent>true</permanent>
+ <assignable>true</assignable>
+ <permissions>
+ <permission>
+ <id>guest-permission</id>
+ <name>Guest Permission</name>
+ <operation>guest-access</operation>
+ <resource>global</resource>
+ <permanent>true</permanent>
+ </permission>
+ </permissions>
+ </role>
+ </roles>
+ </application>
+ </applications>
</redback-role-model>
\ No newline at end of file
projects / archiva.git / commitdiff