Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "OM2M/AccessRight"
< OM2M
(→Update AccessRight) |
|||
(6 intermediate revisions by 2 users not shown) | |||
Line 26: | Line 26: | ||
|} | |} | ||
− | == AccessRight | + | == AccessRight XSD schema == |
<source lang="xml"> | <source lang="xml"> | ||
Line 127: | Line 127: | ||
== Create AccessRight == | == Create AccessRight == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
'''Example Request''' | '''Example Request''' | ||
Line 158: | Line 149: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
Line 174: | Line 165: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
Line 208: | Line 199: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
Line 224: | Line 215: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
</om2m:permission> | </om2m:permission> | ||
</om2m:selfPermissions> | </om2m:selfPermissions> | ||
− | <om2m:subscriptionsReference> | + | <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> |
</om2m:accessRight> | </om2m:accessRight> | ||
</pre> | </pre> | ||
== Retrieve AccessRight == | == Retrieve AccessRight == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
'''Example Request''' | '''Example Request''' | ||
Line 278: | Line 260: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
Line 294: | Line 276: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
</om2m:permission> | </om2m:permission> | ||
</om2m:selfPermissions> | </om2m:selfPermissions> | ||
− | <om2m:subscriptionsReference> | + | <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> |
</om2m:accessRight> | </om2m:accessRight> | ||
</pre> | </pre> | ||
== Update AccessRight == | == Update AccessRight == | ||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
− | |||
'''Example Request''' | '''Example Request''' | ||
Line 353: | Line 326: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
Line 369: | Line 342: | ||
<om2m:permissionHolders> | <om2m:permissionHolders> | ||
<om2m:holderRefs> | <om2m:holderRefs> | ||
− | <om2m:holderRef>admin | + | <om2m:holderRef>admin:admin</om2m:holderRef> |
</om2m:holderRefs> | </om2m:holderRefs> | ||
</om2m:permissionHolders> | </om2m:permissionHolders> | ||
</om2m:permission> | </om2m:permission> | ||
</om2m:selfPermissions> | </om2m:selfPermissions> | ||
− | <om2m:subscriptionsReference> | + | <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> |
</om2m:accessRight> | </om2m:accessRight> | ||
+ | </pre> | ||
+ | |||
+ | == Delete AccessRight == | ||
+ | |||
+ | '''Example Request''' | ||
+ | |||
+ | <pre> | ||
+ | DELETE /scl-id/accessRights/AR_ADMIN | ||
+ | Host: om2m.laas.fr | ||
+ | Authorization: Basic xxxxxxxxxxxxxxxxxxx | ||
+ | </pre> | ||
+ | |||
+ | '''Example Response''' | ||
+ | |||
+ | <pre> | ||
+ | HTTP/1.1 204 No Content | ||
</pre> | </pre> |
Latest revision as of 18:43, 3 June 2015
Contents
AccessRight resource
Access rights are defined as "white lists" or permissions, i.e. each permission defines "allowed" entities (defined in the permissionHolders) for certain access modes (permissionFlags). Sets of permissions are handled such that the resulting permissions for a group of permissions are the sum of the individual permissions. I.e. an action is permitted if it is permitted by some / any permission in the set.
Attribute Name | Type | Multiplicity | Create | Update | Response |
expirationTime | DateTime | 1 | O | O | M* |
searchStrings | searchStrings | 1 | O | O | M |
creationTime | DateTime | 1 | NP | NP | M |
lastModifiedTime | DateTime | 1 | NP | NP | M |
announceTo | AnnounceTo | 1 | O | O | M* |
permissions | Permissions | 1 | O | O | M |
selfPermissions | Permissions | 1 | M | M | M |
id | NMTOKEN | 1 | O | NP | M* |
subscriptionsReference | AnyURI | 1 | NP | NP | M |
AccessRight XSD schema
<?xml version="1.0" encoding="UTF-8"?> <schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://uri.etsi.org/m2m" xmlns:tns="http://uri.etsi.org/m2m"> <include schemaLocation="common.xsd" /> <element name="accessRight" type="tns:AccessRight"/> <complexType name="AccessRight"> <all> <element ref="tns:expirationTime" minOccurs="0" /> <element ref="tns:searchStrings" minOccurs="0" /> <element ref="tns:creationTime" minOccurs="0" /> <element ref="tns:lastModifiedTime" minOccurs="0" /> <element ref="tns:announceTo" minOccurs="0" /> <element ref="tns:permissions" minOccurs="0" /> <element ref="tns:selfPermissions" /> <!-- subresources --> <element ref="tns:subscriptionsReference" minOccurs="0" /> </all> <attribute ref="tns:id" /> </complexType> <element name="permissions" type="tns:PermissionListType"/> <element name="selfPermissions" type="tns:PermissionListType"/> <complexType name="PermissionListType"> <sequence> <element ref="tns:permission" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <element name="permission" type="tns:PermissionType"/> <complexType name="PermissionType"> <all> <element ref="tns:permissionFlags" minOccurs="1" maxOccurs="1" /> <element ref="tns:permissionHolders" minOccurs="1" maxOccurs="1" /> </all> <attribute ref="tns:id" /> </complexType> <element name="permissionFlags" type="tns:PermissionFlagListType"/> <element name="permissionHolders" type="tns:PermissionHolderType"/> <complexType name="PermissionHolderType"> <all> <element ref="tns:holderRefs" minOccurs="0" maxOccurs="1" /> <element ref="tns:applicationIDs" minOccurs="0" maxOccurs="1" /> <element ref="tns:sclIDs" minOccurs="0" maxOccurs="1" /> <element ref="tns:all" minOccurs="0" maxOccurs="1" /> <element ref="tns:domains" minOccurs="0" maxOccurs="1" /> </all> </complexType> <element name="holderRefs" type="tns:HolderRefListType" /> <element name="domains" type="tns:DomainListType" /> <complexType name="HolderRefListType"> <sequence> <element ref="tns:holderRef" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <complexType name="DomainListType"> <sequence> <element ref="tns:domain" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <element name="holderRef" type="anyURI"/> <element name="all"> <complexType> <complexContent> <restriction base="anyType" /> </complexContent> </complexType> </element> <element name="domain" type="anyURI"/> <simpleType name="PermissionFlagType"> <restriction base="string"> <enumeration value="READ"/> <enumeration value="WRITE"/> <enumeration value="DISCOVER"/> <enumeration value="DELETE"/> <enumeration value="CREATE"/> </restriction> </simpleType> <element name="flag" type="tns:PermissionFlagType"/> <complexType name="PermissionFlagListType"> <sequence> <element ref="tns:flag" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <element name="applicationIDs" type="tns:ApplicationIDs" /> <complexType name="ApplicationIDs"> <sequence> <element ref="tns:applicationID" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <element name="applicationID" type="string" /> <element name="sclIDs" type="tns:SclIDs" /> <complexType name="SclIDs"> <sequence> <element ref="tns:sclID" minOccurs="0" maxOccurs="unbounded" /> </sequence> </complexType> <element name="sclID" type="string" /> </schema>
Create AccessRight
Example Request
POST /scl-id/accessRights Host: om2m.laas.fr Authorization: Basic xxxxxxxxxxxxxxxxxxx Body: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN"> <om2m:permissions> <om2m:permission om2m:id="Admin_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:permissions> <om2m:selfPermissions> <om2m:permission om2m:id="Self_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:selfPermissions> </om2m:accessRight>
Example Response
HTTP/1.1 201 Created Content-Type: text/xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN"> <om2m:expirationTime>2034-04-17T16:14:33.110+02:00</om2m:expirationTime> <om2m:searchStrings> <om2m:searchString>ResourceType/AccessRight</om2m:searchString> <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString> </om2m:searchStrings> <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime> <om2m:lastModifiedTime>2014-04-17T16:14:33.110+02:00</om2m:lastModifiedTime> <om2m:permissions> <om2m:permission om2m:id="Admin_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:permissions> <om2m:selfPermissions> <om2m:permission om2m:id="Self_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:selfPermissions> <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> </om2m:accessRight>
Retrieve AccessRight
Example Request
GET /scl-id/accessRights/AR_ADMIN Host: om2m.laas.fr Authorization: Basic xxxxxxxxxxxxxxxxxxx
Example Response
HTTP/1.1 200 OK Content-Type: text/xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN"> <om2m:expirationTime>2034-04-17T16:14:33.110+02:00</om2m:expirationTime> <om2m:searchStrings> <om2m:searchString>ResourceType/AccessRight</om2m:searchString> <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString> </om2m:searchStrings> <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime> <om2m:lastModifiedTime>2014-04-17T16:14:33.110+02:00</om2m:lastModifiedTime> <om2m:permissions> <om2m:permission om2m:id="Admin_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:permissions> <om2m:selfPermissions> <om2m:permission om2m:id="Self_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:selfPermissions> <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> </om2m:accessRight>
Update AccessRight
Example Request
PUT /scl-id/accessRights/AR_ADMIN Host: om2m.laas.fr Authorization: Basic xxxxxxxxxxxxxxxxxxx Body: <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime"> <om2m:expirationTime>2015-04-20T16:25:48.125+02:00</om2m:expirationTime> </om2m:accessRight>
Example Response
HTTP/1.1 200 OK Content-Type: text/xml <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN"> <om2m:expirationTime>2015-04-20T16:25:48.125+02:00</om2m:expirationTime> <om2m:searchStrings> <om2m:searchString>ResourceType/AccessRight</om2m:searchString> <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString> </om2m:searchStrings> <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime> <om2m:lastModifiedTime>2014-04-17T16:20:23.321+02:00</om2m:lastModifiedTime> <om2m:permissions> <om2m:permission om2m:id="Admin_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:permissions> <om2m:selfPermissions> <om2m:permission om2m:id="Self_Permission"> <om2m:permissionFlags> <om2m:flag>CREATE</om2m:flag> <om2m:flag>WRITE</om2m:flag> <om2m:flag>READ</om2m:flag> <om2m:flag>DELETE</om2m:flag> <om2m:flag>DISCOVER</om2m:flag> </om2m:permissionFlags> <om2m:permissionHolders> <om2m:holderRefs> <om2m:holderRef>admin:admin</om2m:holderRef> </om2m:holderRefs> </om2m:permissionHolders> </om2m:permission> </om2m:selfPermissions> <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference> </om2m:accessRight>
Delete AccessRight
Example Request
DELETE /scl-id/accessRights/AR_ADMIN Host: om2m.laas.fr Authorization: Basic xxxxxxxxxxxxxxxxxxx
Example Response
HTTP/1.1 204 No Content