From 475da40b0d58acdf4dd1a3590c490ce7b95a1af8 Mon Sep 17 00:00:00 2001
From: Jonathan Gathman <jgonap@stl.gathman.org>
Date: Sat, 25 Apr 2020 14:28:13 -0500
Subject: Add StandAlone Unix Configurations Include scripts, podman starts,
 minor code changes.

Issue-ID: AAF-1137
Signed-off-by: Jonathan Gathman <jgonap@stl.gathman.org>
Change-Id: Ief72d93e607dbe62875f592978ee15084c8310d2
---
 auth/auth-cass/cass_init/minimal.cql | 59 ++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
 create mode 100644 auth/auth-cass/cass_init/minimal.cql

(limited to 'auth/auth-cass/cass_init')

diff --git a/auth/auth-cass/cass_init/minimal.cql b/auth/auth-cass/cass_init/minimal.cql
new file mode 100644
index 00000000..af8f8c60
--- /dev/null
+++ b/auth/auth-cass/cass_init/minimal.cql
@@ -0,0 +1,59 @@
+USE authz;
+
+// Create 'org' root NS
+INSERT INTO ns (name,description,parent,scope,type)
+  VALUES('org','Root Namespace','.',1,1);
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org','admin',{'org.access|*|*'},'Org Admins');
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
+
+
+// Create org.osaaf
+INSERT INTO ns (name,description,parent,scope,type)
+  VALUES('org.osaaf','OSAAF Namespace','org',2,2);
+
+INSERT INTO role(ns, name, perms,description)
+  VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles,description) 
+  VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
+
+INSERT INTO role(ns, name, perms,description)
+  VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
+
+INSERT INTO perm(ns, type, instance, action, roles,description) 
+  VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
+
+// Create org.osaaf.aaf
+INSERT INTO ns (name,description,parent,scope,type)
+  VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
+
+INSERT INTO perm(ns, type, instance, action, roles, description) 
+  VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
+
+INSERT INTO role(ns, name, perms, description)
+  VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
+
+// OSAAF Root
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('aaf@aaf.osaaf.org','org.admin','2018-10-31','org','admin');
+
+INSERT INTO user_role(user,role,expires,ns,rname)
+  VALUES ('aaf@aaf.osaaf.org','org.osaaf.aaf.admin','2018-10-31','org.osaaf.aaf','admin');
+
+
-- 
cgit 1.2.3-korg