[teiid-dev] VDB Data Policy structure

Ramesh Reddy rareddy at redhat.com
Mon Jul 19 09:39:43 EDT 2010 

Yes. "resource-name" should contain the full name of the table.

Ramesh..

On Mon, 2010-07-19 at 08:23 -0400, Barry Lafond wrote:
> Looking at vdb-deployer.xsd and the "data-policy" element....
> 
> I'm not sure how we inject table/column-specific permissions from
> Designer?
> 
> The "permission" complex type contains CRUD values for a
> "resource-name" element. Is this element supposed to be used for a
> named object within a model like the table:
> PartsOracle.PARTS.SUPPLIER?
> 
> I created a sample xml fragment below. Can you comment?
> 
> 
> <data-policy name="HR Model Data Policy">
>     <description>Access to HR department to create, read, update and
> delete personnel records.</description>
>     <permission>
>         <resource-name>HROracleAllView</resource-name>
>         <allow-create>TRUE</allow-create>
>         <allow-read>TRUE</allow-read>
>         <allow-update>TRUE</allow-update>
>         <allow-delete>TRUE</allow-delete>
>     </permission>
>     <permission>
> 
> <resource-name>HROracleAllView.Management.Payroll</resource-name>
>         <allow-create>FALSE</allow-create>
>         <allow-read>TRUE</allow-read>
>         <allow-update>FALSE</allow-update>
>         <allow-delete>FALSE</allow-delete>
>     </permission>
>         <permission>
>         <resource-name>HROracleAllView.Salary.Payroll</resource-name>
>         <allow-create>TRUE</allow-create>
>         <allow-read>TRUE</allow-read>
>         <allow-update>TRUE</allow-update>
>         <allow-delete>TRUE</allow-delete>
>     </permission>
>     <mapped-role-name>Full Personnel Records</mapped-role-name>
> </data-policy>
> 
> 
> <xs:element name="data-policy" minOccurs="0" maxOccurs="unbounded">
>     <xs:complexType>
>         <xs:sequence>
>             <xs:element name="description" type="xs:string"
> minOccurs="0"/>
>             <xs:element name="permission" minOccurs="1"
> maxOccurs="unbounded">
>                 <xs:complexType>
>                     <xs:sequence>                            
>                         <xs:element name="resource-name"
> type="xs:string"/>
>                         <xs:element name="allow-create"
> type="xs:boolean" minOccurs="0"/>
>                         <xs:element name="allow-read"
> type="xs:boolean" minOccurs="0"/>
>                         <xs:element name="allow-update"
> type="xs:boolean" minOccurs="0"/>
>                         <xs:element name="allow-delete"
> type="xs:boolean" minOccurs="0"/>
>                     </xs:sequence>      
>                 </xs:complexType>
> 
> </xs:element>                                                                      
>             <xs:element name="mapped-role-name" type="xs:string"
> minOccurs="0" maxOccurs="unbounded"/>
>         </xs:sequence>
>         <xs:attribute name="name" type="xs:string" use="required"/>
>     </xs:complexType>
> </xs:element>
> 
> Barry
> 
> _______________________________________________
> teiid-dev mailing list
> teiid-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/teiid-dev

More information about the teiid-dev mailing list