Skip to main content

Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.

Jump to: navigation, search

OM2M/AccessRight

< OM2M
Revision as of 18:43, 3 June 2015 by Benalaya.sensinov.com (Talk | contribs) (Update AccessRight)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

AccessRight resource

Access rights are defined as "white lists" or permissions, i.e. each permission defines "allowed" entities (defined in the permissionHolders) for certain access modes (permissionFlags). Sets of permissions are handled such that the resulting permissions for a group of permissions are the sum of the individual permissions. I.e. an action is permitted if it is permitted by some / any permission in the set.


Attribute Name Type Multiplicity Create Update Response
expirationTime DateTime 1 O O M*
searchStrings searchStrings 1 O O M
creationTime DateTime 1 NP NP M
lastModifiedTime DateTime 1 NP NP M
announceTo AnnounceTo 1 O O M*
permissions Permissions 1 O O M
selfPermissions Permissions 1 M M M
id NMTOKEN 1 O NP M*
subscriptionsReference AnyURI 1 NP NP M

AccessRight XSD schema

<?xml version="1.0" encoding="UTF-8"?>
<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://uri.etsi.org/m2m" xmlns:tns="http://uri.etsi.org/m2m">
  <include schemaLocation="common.xsd" />
  <element name="accessRight" type="tns:AccessRight"/>
  <complexType name="AccessRight">
    <all>
      <element ref="tns:expirationTime" minOccurs="0" />
      <element ref="tns:searchStrings" minOccurs="0" />
      <element ref="tns:creationTime" minOccurs="0" />
      <element ref="tns:lastModifiedTime" minOccurs="0" />
      <element ref="tns:announceTo" minOccurs="0" />
      <element ref="tns:permissions" minOccurs="0" />
      <element ref="tns:selfPermissions" />
      <!-- subresources -->
      <element ref="tns:subscriptionsReference" minOccurs="0" />
    </all>
    <attribute ref="tns:id" />
  </complexType>
  <element name="permissions" type="tns:PermissionListType"/>
  <element name="selfPermissions" type="tns:PermissionListType"/>
  <complexType name="PermissionListType">
    <sequence>
      <element ref="tns:permission" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <element name="permission" type="tns:PermissionType"/>
  <complexType name="PermissionType">
    <all>
      <element ref="tns:permissionFlags" minOccurs="1" maxOccurs="1" />
      <element ref="tns:permissionHolders" minOccurs="1" maxOccurs="1" />
    </all>
    <attribute ref="tns:id" />
  </complexType>
  <element name="permissionFlags" type="tns:PermissionFlagListType"/>
  <element name="permissionHolders" type="tns:PermissionHolderType"/>
  <complexType name="PermissionHolderType">
    <all>
      <element ref="tns:holderRefs" minOccurs="0" maxOccurs="1" />
      <element ref="tns:applicationIDs" minOccurs="0" maxOccurs="1" />
      <element ref="tns:sclIDs" minOccurs="0" maxOccurs="1" />
      <element ref="tns:all" minOccurs="0" maxOccurs="1" />
      <element ref="tns:domains" minOccurs="0" maxOccurs="1" />
    </all>
  </complexType>
  <element name="holderRefs" type="tns:HolderRefListType" />
  <element name="domains" type="tns:DomainListType" />
  <complexType name="HolderRefListType">
    <sequence>
      <element ref="tns:holderRef" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <complexType name="DomainListType">
    <sequence>
      <element ref="tns:domain" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <element name="holderRef" type="anyURI"/>
  <element name="all">
    <complexType>
      <complexContent>
        <restriction base="anyType" />
      </complexContent>
    </complexType>
  </element>
  <element name="domain" type="anyURI"/>
  <simpleType name="PermissionFlagType">
    <restriction base="string">
      <enumeration value="READ"/>
      <enumeration value="WRITE"/>
      <enumeration value="DISCOVER"/>
      <enumeration value="DELETE"/>
      <enumeration value="CREATE"/>
    </restriction>
  </simpleType>
  <element name="flag" type="tns:PermissionFlagType"/>
  <complexType name="PermissionFlagListType">
    <sequence>
      <element ref="tns:flag" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <element name="applicationIDs" type="tns:ApplicationIDs" />
  <complexType name="ApplicationIDs">
    <sequence>
      <element ref="tns:applicationID" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <element name="applicationID" type="string" />
  <element name="sclIDs" type="tns:SclIDs" />
  <complexType name="SclIDs">
    <sequence>
      <element ref="tns:sclID" minOccurs="0" maxOccurs="unbounded" />
    </sequence>
  </complexType>
  <element name="sclID" type="string" />
</schema>

Create AccessRight

Example Request 

POST /scl-id/accessRights
Host: om2m.laas.fr
Authorization: Basic xxxxxxxxxxxxxxxxxxx
Body:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN">
    <om2m:permissions>
        <om2m:permission om2m:id="Admin_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:permissions>
    <om2m:selfPermissions>
        <om2m:permission om2m:id="Self_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:selfPermissions>
</om2m:accessRight>

Example Response 

HTTP/1.1 201 Created
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN">
    <om2m:expirationTime>2034-04-17T16:14:33.110+02:00</om2m:expirationTime>
    <om2m:searchStrings>
        <om2m:searchString>ResourceType/AccessRight</om2m:searchString>
        <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString>
    </om2m:searchStrings>
    <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime>
    <om2m:lastModifiedTime>2014-04-17T16:14:33.110+02:00</om2m:lastModifiedTime>
    <om2m:permissions>
        <om2m:permission om2m:id="Admin_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:permissions>
    <om2m:selfPermissions>
        <om2m:permission om2m:id="Self_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:selfPermissions>
    <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference>
</om2m:accessRight>

Retrieve AccessRight

Example Request 

GET /scl-id/accessRights/AR_ADMIN
Host: om2m.laas.fr
Authorization: Basic xxxxxxxxxxxxxxxxxxx

Example Response 

HTTP/1.1 200 OK
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN">
    <om2m:expirationTime>2034-04-17T16:14:33.110+02:00</om2m:expirationTime>
    <om2m:searchStrings>
        <om2m:searchString>ResourceType/AccessRight</om2m:searchString>
        <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString>
    </om2m:searchStrings>
    <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime>
    <om2m:lastModifiedTime>2014-04-17T16:14:33.110+02:00</om2m:lastModifiedTime>
    <om2m:permissions>
        <om2m:permission om2m:id="Admin_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:permissions>
    <om2m:selfPermissions>
        <om2m:permission om2m:id="Self_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:selfPermissions>
    <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference>
</om2m:accessRight>

Update AccessRight

Example Request 

PUT /scl-id/accessRights/AR_ADMIN
Host: om2m.laas.fr
Authorization: Basic xxxxxxxxxxxxxxxxxxx
Body:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
    <om2m:expirationTime>2015-04-20T16:25:48.125+02:00</om2m:expirationTime>
</om2m:accessRight>

Example Response 

HTTP/1.1 200 OK
Content-Type: text/xml

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<om2m:accessRight xmlns:om2m="http://uri.etsi.org/m2m" xmlns:xmime="http://www.w3.org/2005/05/xmlmime" om2m:id="AR_ADMIN">
    <om2m:expirationTime>2015-04-20T16:25:48.125+02:00</om2m:expirationTime>
    <om2m:searchStrings>
        <om2m:searchString>ResourceType/AccessRight</om2m:searchString>
        <om2m:searchString>ResourceID/AR_ADMIN</om2m:searchString>
    </om2m:searchStrings>
    <om2m:creationTime>2014-04-17T16:14:33.110+02:00</om2m:creationTime>
    <om2m:lastModifiedTime>2014-04-17T16:20:23.321+02:00</om2m:lastModifiedTime>
    <om2m:permissions>
        <om2m:permission om2m:id="Admin_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:permissions>
    <om2m:selfPermissions>
        <om2m:permission om2m:id="Self_Permission">
            <om2m:permissionFlags>
                <om2m:flag>CREATE</om2m:flag>
                <om2m:flag>WRITE</om2m:flag>
                <om2m:flag>READ</om2m:flag>
                <om2m:flag>DELETE</om2m:flag>
                <om2m:flag>DISCOVER</om2m:flag>
            </om2m:permissionFlags>
            <om2m:permissionHolders>
                <om2m:holderRefs>
                    <om2m:holderRef>admin:admin</om2m:holderRef>
                </om2m:holderRefs>
            </om2m:permissionHolders>
        </om2m:permission>
    </om2m:selfPermissions>
    <om2m:subscriptionsReference>scl-id/accessRights/AR_ADMIN/subscriptions</om2m:subscriptionsReference>
</om2m:accessRight>

Delete AccessRight

Example Request 

DELETE /scl-id/accessRights/AR_ADMIN
Host: om2m.laas.fr
Authorization: Basic xxxxxxxxxxxxxxxxxxx

Example Response 

HTTP/1.1 204 No Content
Retrieved from "https://wiki.eclipse.org/index.php?title=OM2M/AccessRight&oldid=385920"

This page was last modified 18:43, 3 June 2015 by Mahdi Ben Alaya. Based on work by Yassine Banouar.

Back to the top