Looking at vdb-deployer.xsd and the "data-policy" element....

I'm not sure how we inject table/column-specific permissions from Designer?

The "permission" complex type contains CRUD values for a "resource-name" element. Is this element supposed to be used for a named object within a model like the table:  PartsOracle.PARTS.SUPPLIER?

I created a sample xml fragment below. Can you comment?


<data-policy name="HR Model Data Policy">
    <description>Access to HR department to create, read, update and delete personnel records.</description>
    <permission>
        <resource-name>HROracleAllView</resource-name>
        <allow-create>TRUE</allow-create>
        <allow-read>TRUE</allow-read>
        <allow-update>TRUE</allow-update>
        <allow-delete>TRUE</allow-delete>
    </permission>
    <permission>
        <resource-name>HROracleAllView.Management.Payroll</resource-name>
        <allow-create>FALSE</allow-create>
        <allow-read>TRUE</allow-read>
        <allow-update>FALSE</allow-update>
        <allow-delete>FALSE</allow-delete>
    </permission>
        <permission>
        <resource-name>HROracleAllView.Salary.Payroll</resource-name>
        <allow-create>TRUE</allow-create>
        <allow-read>TRUE</allow-read>
        <allow-update>TRUE</allow-update>
        <allow-delete>TRUE</allow-delete>
    </permission>
    <mapped-role-name>Full Personnel Records</mapped-role-name>
</data-policy>


<xs:element name="data-policy" minOccurs="0" maxOccurs="unbounded">
    <xs:complexType>
        <xs:sequence>
            <xs:element name="description" type="xs:string" minOccurs="0"/>
            <xs:element name="permission" minOccurs="1" maxOccurs="unbounded">
                <xs:complexType>
                    <xs:sequence>                           
                        <xs:element name="resource-name" type="xs:string"/>
                        <xs:element name="allow-create" type="xs:boolean" minOccurs="0"/>
                        <xs:element name="allow-read" type="xs:boolean" minOccurs="0"/>
                        <xs:element name="allow-update" type="xs:boolean" minOccurs="0"/>
                        <xs:element name="allow-delete" type="xs:boolean" minOccurs="0"/>
                    </xs:sequence>     
                </xs:complexType>
            </xs:element>                                                                     
            <xs:element name="mapped-role-name" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
        </xs:sequence>
        <xs:attribute name="name" type="xs:string" use="required"/>
    </xs:complexType>
</xs:element>

Barry