Permissions Data Structures
Permission objects
Permission {
  uri id
  string uuid
  string displayName
}
PermissionLookup {
  uri id
  string uuid
}
PermissionAssignment {
  PermissionLookup permissionLookup
  String action
  Subject subject
}
- id: Globally unique ID in URI format (Namespace TBD). Recommended to be constructed from a local prefix concatenated to the GMS permission name. Should not change, but if it does, it is subject to the renaming considerations described below. Permitted characters as per RFC 2141. Max length 1024.
- uuid: Globally unique ID in UUID format (regex is ^[a-f0-9]{32}$). Max length 32.
- displayName: Human readable name. Should be unique within a GMS, but not required. May change. May include folder structure. Max length 1024. Permitted characters TBD.
- description: Human readable description. Free form. Max length 1024. Permitted characters TBD.
Availability
Mandatory.
Renaming Considerations
When a permission is renamed, future retrievals of the old name (id) may result in an indication that the permission has moved and the id of the new name. To access a new group at the old name, the request must be qualified.
Permission Operations
hasPermission()
boolean hasPermission(PermissionLookup permissionLookup, Subject subject, String action, enum immediacy=any)
Input
- permissionLookup: PermissionLookup object
- subject: Subject object
- action: Action qualifier
- immediacy: Constraint on search for subject as an immediate, nonimmediate, or any member of group
Output
- true if subject is an immediate or nonimmediate member (as specified) of group, false otherwise
Availability
Mandatory.
getMembers()
SubjectList getMembers(PermissionLookup permissionLookup, String action, enum immediacy=any)
Input
- permissionLookup: PermissionLookup object
- action: Action qualifier
- immediacy: Constraint on search for subject as an immediate, nonimmediate, or any member of group
Output
- List of Subject objects
Availability
Mandatory.
getPermissionsForMember()
PermissionAssignmentList getPermissionsForMember(Subject subject, String action, enum immediacy=any)
Input
- subject: Subject object
- action: (optional) qualifies the permission
- immediacy: Constraint on search for subject as an immediate, nonimmediate, or any member of the relevant groups
Output
- List of Group objects
Availability
Mandatory.
getPermissionsForSubject()
PermissionAssignmentList getGroupsForPermission(Subject subject, String action, enum privilege)
Input
- subject: Subject object
- action: Action to qualify the assignment (optional)
- privilege: Type of privilege to be checked for (privileges TBD)
Output
- List of Group objects for which subject has privilege
Availability
Mandatory.
addMember()
boolean addMember(GroupLookup group, Subject subject, bool addOnly=false)
Input
- group: GroupLookup object
- subject: Subject object
- addOnly: If true, addMember() fails if subject is already a member of groupID.
Output
- true if subject is successfully added or if addOnly is false and subject is already a member of groupID, false otherwise.
Availability
Optional. Data store may be read-only.
addPrivilege()
boolean addPrivilege(GroupLookup group, Subject subject, enum privilege, bool addOnly=false)
Input
- group: GroupLookup object
- subject: Subject object
- privilege: Type of privilege to be added (privileges TBD)
- addOnly: If true, addPrivilege() fails if subject already has privilege for groupID.
Output
- true if privilege is successfully added or if addOnly is false and subject already has privilege for groupID, false otherwise.
Availability
Optional. Data store may be read-only.
removeMember()
boolean removeMember(GroupLookup group, Subject subject, boolean removeOnly=false)
Input
- group: GroupLookup object
- subject: Subject object
- removeOnly: If true, removeMember() fails if subject is not a member of groupID.
Output
- true if subject is successfully removed or if removeOnly is false and subject is not a member of groupID, false otherwise.
Availability
Optional. Data store may be read-only.
removePrivilege()
boolean removePrivilege(GroupLookup group, Subject subject, enum privilege, boolean removeOnly=false)
Input
- group: GroupLookup object
- subject: Subject object
- privilege: Type of privilege to be added (privileges TBD)
- removeOnly: If true, removePrivilege() fails if subject does not have privilege for groupID.
Output
- true if privilege is successfully removed or if removeOnly is false and subject does not have privilege for groupID, false otherwise.
Availability
Optional. Data store may be read-only.
saveGroup()
Group saveGroup(Group group)
Input
- group: Group object. If group:id and group:uuid are blank, a new group is being requested.
Output
- Group object holding group id/uuid (possibly newly assigned).
Availability
Optional. Data store may be read-only.
deleteGroup()
urn deleteGroup(GroupLookup group, boolean deleteOnly=false)
Input
- group: GroupLookup object
- deleteOnly: If true, deleteGroup() fails if group does not exist.
Output
- true if group is successfully deleted or if deleteOnly is false and group does not exist, false otherwise.
Availability
Optional. Data store may be read-only.
findGroups()
List<Group> findGroups(List<GroupLookup> groupLookups, urn folder, enum folderDepth=one|sub, List<enum> fieldNames=urn|displayName|description, String fieldSearchString, String wildcard, boolean splitStringOnWhitespace, boolean caseSensitive)
Input
- groupLookups: list of group lookups to find. max 100.
- folder: (optional): if results should be constrained in a certain folder
- folderDepth: (required if folder set): "one" for results directly in the folder, "sub" for results in the folder or subfolders
- fieldNames: (optional): if searching by a substring of a field, can be urn|displayName|description. Note, if multiple are set, then the search string could be in any of the fields.
- fieldSearchString: (required if fieldNames set): this is the search string to find groups. Can contain caller-specified wildcards.
- wildcard: (optional, can only be set if fieldNames is set): if not set, there is no wildcard in the search. If set, can be one or more chars, and any occurrence of it in the fieldSearchString is treated as a wildcard. Note there is no way to escape this wildcard, so the client should pick something not otherwise being searched for.
- splitStringOnWhitespace: (required if fieldNames set): if true, the fieldSearchString is split on whitespace and the resulting terms are and'ed together.
- caseSensitive: (required if fieldNames set): if true, the search string is matched as is; if false, the match is case-insensitive.
Note: at least one of groupLookups, folder, or fieldNames must be set.
For example, if the folder URN is: urn:group:school/apps/confluence
and the folderDepth is: sub
and the search string is: *english* *dept*
and the wildcard is: *
and the fieldNames are: urn and displayName
and caseSensitive is: false
and splitStringOnWhitespace is: true
Then the query run will get all groups the caller is allowed to see in the school/apps/confluence folder or subfolders, that have "english" and "dept" somewhere in the urn or displayName case insensitive.
Output
- List of Group objects
Availability
Mandatory.
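The findGroups() search semantics described above, as an added example that is not part of the specification: terms are and'ed, fields are or'ed, and only the caller-chosen wildcard is special, with every other character escaped so the search string cannot inject pattern syntax. Assumptions: the function names are hypothetical, "/" separates folder levels, terms match as substrings, the input list is already limited to groups the caller may see, and groupLookups is left out.

```python
import re

# Constructed sample data; assumed to be already limited to groups the caller may see.
GROUPS = [
    {"urn": "urn:group:school/apps/confluence/english_dept_staff", "displayName": "English Dept Staff"},
    {"urn": "urn:group:school/apps/confluence/wiki/eng", "displayName": "Dept of English (wiki editors)"},
    {"urn": "urn:group:school/apps/confluence/math_dept", "displayName": "Math Dept"},
    {"urn": "urn:group:school/apps/jira/english_dept", "displayName": "English Dept"},
]

def term_to_regex(term, wildcard, case_sensitive):
    # Escape every literal piece so the search string cannot inject regex syntax;
    # only the caller-chosen wildcard (which has no escape form) becomes ".*".
    parts = term.split(wildcard) if wildcard else [term]
    pattern = ".*".join(re.escape(p) for p in parts)
    return re.compile(pattern, 0 if case_sensitive else re.IGNORECASE)

def in_folder(urn, folder, depth):
    # Assumption: "/" separates folder levels, as in the URN used in the text.
    if not urn.startswith(folder + "/"):
        return False
    return depth == "sub" or "/" not in urn[len(folder) + 1:]

def find_groups(groups, folder=None, folder_depth=None, field_names=(),
                search=None, wildcard=None, split_ws=False, case_sensitive=False):
    if not folder and not field_names:
        raise ValueError("folder or fieldNames must be set")
    if folder and folder_depth not in ("one", "sub"):
        raise ValueError("folderDepth is required when folder is set")
    terms = []
    if field_names:
        if not search:
            raise ValueError("fieldSearchString is required when fieldNames is set")
        raw = search.split() if split_ws else [search]
        terms = [term_to_regex(t, wildcard, case_sensitive) for t in raw]
    hits = []
    for g in groups:
        if folder and not in_folder(g["urn"], folder, folder_depth):
            continue
        # Terms are AND'ed together; each term may match any selected field.
        if all(any(rx.search(g.get(f, "")) for f in field_names) for rx in terms):
            hits.append(g["urn"])
    return hits

def page_example(depth="sub", search="*english* *dept*", case_sensitive=False):
    return find_groups(GROUPS, folder="urn:group:school/apps/confluence", folder_depth=depth,
                       field_names=("urn", "displayName"), search=search, wildcard="*",
                       split_ws=True, case_sensitive=case_sensitive)
```
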
Questions
TODO
- Folder object and operations: find, save, delete
- Person object and operations: find
- Identifier mapping: uuid, eppn, eptid, uid/username, openid
- Standard attributes from eduperson
- Need to reconcile how application ID's fit with "person's"
- Common group permissions: Admin the group (add/remove members), public (self-subscribe), readable (eg by a portal but not by the public)
- Example config file for client
- Publish for review
- Datatypes and example calls
- Do we need system id, system name, and display name for a group?
- Lengths on all fields
- Clarify how to represent the namespace
- Note that separator cannot appear in group names or needs to be escaped
- Do we need a permissions object?
- ActAs?