[teiid-dev] VDB Data Policy structure

[Barry Lafond]

Looking at vdb-deployer.xsd and the "data-policy" element.... 

I'm not sure how we inject table/column-specific permissions from Designer? 

The "permission" complex type contains CRUD values for a "resource-name" element. Is this element supposed to be used for a named object within a model like the table: PartsOracle.PARTS.SUPPLIER? 

I created a sample xml fragment below. Can you comment? 


<data-policy name="HR Model Data Policy"> 
<description>Access to HR department to create, read, update and delete personnel records.</description> 
<permission> 
<resource-name> HROracleAllView </resource-name> 
<allow-create>TRUE</allow-create> 
<allow-read>TRUE</allow-read> 
<allow-update>TRUE</allow-update> 
<allow-delete>TRUE</allow-delete> 
</permission> 
<permission> 
<resource-name> HROracleAllView.Management.Payrol l </resource-name> 
<allow-create>FALSE</allow-create> 
<allow-read>TRUE</allow-read> 
<allow-update>FALSE</allow-update> 
<allow-delete>FALSE</allow-delete> 
</permission> 
<permission> 
<resource-name> HROracleAllView.Salary.Payroll </resource-name> 
<allow-create>TRUE</allow-create> 
<allow-read>TRUE</allow-read> 
<allow-update>TRUE</allow-update> 
<allow-delete>TRUE</allow-delete> 
</permission> 
<mapped-role-name>Full Personnel Records</mapped-role-name> 
</data-policy> 


<xs:element name="data-policy" minOccurs="0" maxOccurs="unbounded"> 
<xs:complexType> 
<xs:sequence> 
<xs:element name="description" type="xs:string" minOccurs="0"/> 
<xs:element name="permission" minOccurs="1" maxOccurs="unbounded"> 
<xs:complexType> 
<xs:sequence> 
<xs:element name="resource-name" type="xs:string"/> 
<xs:element name="allow-create" type="xs:boolean" minOccurs="0"/> 
<xs:element name="allow-read" type="xs:boolean" minOccurs="0"/> 
<xs:element name="allow-update" type="xs:boolean" minOccurs="0"/> 
<xs:element name="allow-delete" type="xs:boolean" minOccurs="0"/> 
</xs:sequence> 
</xs:complexType> 
</xs:element> 
<xs:element name="mapped-role-name" type="xs:string" minOccurs="0" maxOccurs="unbounded"/> 
</xs:sequence> 
<xs:attribute name="name" type="xs:string" use="required"/> 
</xs:complexType> 
</xs:element> 

Barry 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/teiid-dev/attachments/20100719/9c7a8d3b/attachment.html