// Copyright (c) 2008 DMTF. All rights reserved. [Version ( "2.18.0" ), UMLPackagePath ( "CIM::User::Role" ), Description ( "The Role object class is used to represent a position or set " "of responsibilities within an organization, organizational " "unit or other scope, and MAY be filled by a person or persons " "(or non-human entities represented by ManagedSystemElement " "subclasses) - i.e., the \'role occupants\'. The latter MAY be " "explicitly associated to a Role, by associating Identities " "using MemberOfCollection. The \'position or set of " "responsibilities\' of a Role are represented as a set of " "rights defined by instances of the Privilege class, and are " "also associated to the Role via MemberOfCollection. If " "Identities are not explicitly associated, instances of " "AuthorizationRule MUST be associated with a Role using " "AuthorizationRuleAppliesToRole. The rule defines how subject " "entities are authorized for a Role and to which target " "entities the Role applies. \n" "\n" "The Role class is defined so as to incorporate commonly-used " "LDAP attributes to permit implementations to easily derive " "this information from LDAP-accessible directories. This " "class\'s properties are a subset of a related class, " "OtherRoleInformation, which defines all the group properties " "and uses arrays for directory compatibility." )] class CIM_Role : CIM_Collection { [Key, Description ( "CreationClassName indicates the name of the class or the " "subclass used in the creation of an instance. When used " "with the other key properties of this class, this " "property allows all instances of this class and its " "subclasses to be uniquely identified." ), MaxLen ( 256 )] string CreationClassName; [Key, Description ( "The Name property defines the label by which the object " "is known. In the case of an LDAP-derived instance, the " "Name property value may be set to the distinguished name " "of the LDAP-accessed object instance." ), MaxLen ( 1024 )] string Name; [Description ( "This property may be used to describe the kind of " "business activity performed by the members (role " "occupants) in the position or set of responsibilities " "represented by the Role." ), MaxLen ( 128 )] string BusinessCategory; [Required, Description ( "A Common Name is a (possibly ambiguous) name by which " "the role is commonly known in some limited scope (such " "as an organization) and conforms to the naming " "conventions of the country or culture with which it is " "associated." )] string CommonName; [Description ( "RoleCharacteristics provides descriptive information " "about the intended usage of the Role.\n" "When the value 2 \"Static\" is specified, no " "modification to the role shall be allowed. Any requests " "by client to change the privileges or the scope of the " "role by modifying the associated instances of " "CIM_Privilege or referencing associations shall fail.\n" "When the value 2 \"Static\" is not specified, the " "instance of CIM_Role may be modified by a client. The " "modification may include changing the scope of the role " "or rights granted. When the value 3 \"Opaque\" is " "specified, the rights granted by the CIM_Role instance " "shall not be explicitly modeled through aggregation of " "instances of CIM_Privilege.\n" "When the value 3 \"Opaque\" is not specified, the rights " "granted by the instance of CIM_Role shall be explicitly " "modeled through aggregation of instances of " "CIM_Privilege." ), ValueMap { "2", "3", "..", "32000..65535" }, Values { "Static", "Opaque", "DMTF Reserved", "Vendor Specific" }] uint16 RoleCharacteristics[]; };