...
| Code Block |
|---|
Permission {
uri id
string uuid
string displayName
string description
}
PermissionLookup {
uri id
string uuid
}
PermissionAssignment {
PermissionLookup permissionLookup
String action
Subject subject
}
|
...
- List of Permission Assignments
Availability
Mandatory.
getPermissionsForSubject()
| Code Block |
|---|
PermissionAssignmentList getGroupsForPermission(Subject subject, String action, enum privilege)
|
Input
- subject: Subject object
- action: Action to qualify the assignment (optional)
- privilege: Type of privilege to be checked for (privileges TBD)
Output
- List of Group objects for which subject has privilege
Availability
Mandatory.
assignPermission()
| Code Block |
|---|
boolean assignPermission(PermissionLookup permissionLookup, String action, Subject subject, bool addOnly=false) |
Input
- permissionLookup: PermissionLookup object
- action: qualifies the assignment
- subject: Subject object
- addOnly: If true,
addMember()fails if subject is already a member of groupID.
Output
- true if assignment is successfully added or if addOnly is false and subject is already assigned to permissionID and action, false otherwise.
Availability
Optional. Data store may be read-only.
...
| Code Block |
|---|
boolean unassignPermission(PermissionLookup permissionLookup, String action, Subject subject, bool addOnly=false) |
Input
- permissionLookup: PermissionLookup object
- action: qualifies the assignment
- subject: Subject object
- removeOnly: If true,
unassignPermission()fails if subject is already not assigned to of permissionID for that action.
Output
- true if assignment is successfully removed or if addOnly is false and subject is already assigned to permissionID and action, false otherwise.
Availability
Optional. Data store may be read-only.
...