summaryrefslogtreecommitdiffstats
path: root/auth/auth-cass/src/main/cql/osaaf.cql
diff options
context:
space:
mode:
authorInstrumental <jcgmisc@stl.gathman.org>2018-03-26 13:51:48 -0700
committerInstrumental <jcgmisc@stl.gathman.org>2018-03-26 13:52:07 -0700
commit71037c39a37d3549dcfe31926832a657744fbe05 (patch)
tree78911b2b5e86e4e44228f7a27b3a8cd954b7f3e2 /auth/auth-cass/src/main/cql/osaaf.cql
parenta20accc73189d8e5454cd26049c0e6fae75da16f (diff)
AT&T 2.0.19 Code drop, stage 3
Issue-ID: AAF-197 Change-Id: I8b02cb073ccba318ccaf6ea0276446bdce88fb82 Signed-off-by: Instrumental <jcgmisc@stl.gathman.org>
Diffstat (limited to 'auth/auth-cass/src/main/cql/osaaf.cql')
-rw-r--r--auth/auth-cass/src/main/cql/osaaf.cql61
1 files changed, 61 insertions, 0 deletions
diff --git a/auth/auth-cass/src/main/cql/osaaf.cql b/auth/auth-cass/src/main/cql/osaaf.cql
new file mode 100644
index 00000000..83c7fdf0
--- /dev/null
+++ b/auth/auth-cass/src/main/cql/osaaf.cql
@@ -0,0 +1,61 @@
+USE authz;
+
+// Create 'org' root NS
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org','Root Namespace','.',1,1);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','admin',{'org.access|*|*'},'Org Admins');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
+
+// Create Root pass
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
+
+
+// Create org.osaaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf','OSAAF Namespace','org',2,2);
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
+
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
+
+// Create org.osaaf.aaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
+