Return to
CIM_PrivilegeManagementService.mof
CVS log
Up to [Pegasus] / pegasus / Schemas / CIM231 / DMTF / User
|
Return to
CIM_PrivilegeManagementService.mof
CVS log
|
Up to [Pegasus] / pegasus / Schemas / CIM231 / DMTF / User
|
|
File: [Pegasus] / pegasus / Schemas / CIM231 / DMTF / User / CIM_PrivilegeManagementService.mof
(download)
Revision: 1.1.2.2, Wed Feb 15 17:46:57 2012 UTC (12 years, 4 months ago) by karl Branch: TASK-PEP317_pullop-branch CVS Tags: TASK_PEP317_1JUNE_2013, TASK-PEP317_pullop-merged_out_to_branch, TASK-PEP317_pullop-merged_in_from_branch, PREAUG25UPDATE, POSTAUG25UPDATE Changes since 1.1.2.1: +290 -0 lines BUG#: 99999 TITLE: Task317 Branch -- pull operations. Sync to head of tree DESCRIPTION: Sync the branch back to the head of cvs tree |
// Copyright (c) 2008 DMTF. All rights reserved.
[Version ( "2.20.0" ),
UMLPackagePath ( "CIM::User::PrivilegeManagementService" ),
Description (
"The PrivilegeManagementService is responsible for creating, "
"deleting, and associating AuthorizedPrivilege instances. "
"References to \'subject\' and \'target\' define the entities "
"that are associated with an AuthorizedPrivilege instance via "
"the relationships, AuthorizedSubject and AuthorizedTarget, "
"respectively. When created, an AuthorizedPrivilege instance is "
"related to this (PrivilegeManagement)Service via the "
"association, ConcreteDependency." )]
class CIM_PrivilegeManagementService : CIM_AuthorizationService {
[Description (
"When this method is called, a provider updates the "
"specified Subject\'s rights to the Target according to "
"the parameters of this call. The rights are modeled via "
"an AuthorizedPrivilege instance. If an "
"AuthorizedPrivilege instance is created as a result of "
"this call, it MUST be linked to the Subject and Target "
"via the AuthorizedSubject and AuthorizedTarget "
"associations, respectively. When created, the "
"AuthorizedPrivilege instance is associated to this "
"PrivilegeManagementService via ConcreteDependency. If "
"the execution of this call results in no rights between "
"the Subject and Target, then they MUST NOT be linked to "
"a particular AuthorizedPrivilege instance via "
"AuthorizedSubject and AuthorizedTarget respectively. \n"
"\n"
"Note that regardless of whether specified via parameter, "
"or template, the Activities, ActivityQualifiers and "
"QualifierFormats, are mutually indexed. Also note that "
"Subject and Target references MUST be supplied. \n"
"\n"
"The successful completion of the method SHALL create any "
"necessary AuthorizedSubject, AuthorizedTarget, "
"AuthorizedPrivilege, HostedDependency, and "
"ConcreteDependency instances." ),
ValueMap { "0", "1", "2", "3", "4", "5", "6..15999", "16000",
"16001", "16002", "16003", "16004", "16005..31999",
"32000..65535" },
Values { "Success", "Not Supported", "Unspecified Error",
"Timeout", "Failed", "Invalid Parameter", "DMTF Reserved",
"Unsupported Subject", "Unsupported Privilege",
"Unsupported Target", "Authorization Error",
"NULL not supported", "Method Reserved", "Vendor Specific" }]
uint32 AssignAccess(
[Required, IN, Description (
"The Subject parameter is a reference to a "
"ManagedElement instance. This parameter MUST be "
"supplied." )]
CIM_ManagedElement REF Subject,
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. "
"The PrivilegeGranted flag indicates whether the "
"rights defined by the parameters in this call "
"should be granted or denied to the named "
"Subject/Target pair." ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.PrivilegeGranted",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
boolean PrivilegeGranted,
[IN, Description (
"MUST be NULL unless the Privilege is NULL on "
"input. This parameter specifies the activities to "
"be granted or denied." ),
ValueMap { "1", "2", "3", "4", "5", "6", "7", "..",
"16000..65535" },
Values { "Other", "Create", "Delete", "Detect", "Read",
"Write", "Execute", "DMTF Reserved",
"Vendor Reserved" },
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.Activities",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
uint16 Activities[],
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. "
"This parameter defines the activity qualifiers for "
"the Activities to be granted or denied." ),
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.ActivityQualifers",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
string ActivityQualifiers[],
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. "
"This parameter defines the qualifier formats for "
"the corresponding ActivityQualifiers." ),
ValueMap { "2", "3", "4", "5", "6", "7", "8", "9",
"10..15999", "16000..65535" },
Values { "Class Name", "<Class.>Property",
"<Class.>Method", "Object Reference", "Namespace",
"URL", "Directory/File Name",
"Command Line Instruction", "DMTF Reserved",
"Vendor Reserved" },
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.QualifierFormats",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
uint16 QualifierFormats[],
[Required, IN, Description (
"The Target parameter is a reference to an instance "
"of ManagedElement. This parameter MUST be "
"supplied." )]
CIM_ManagedElement REF Target,
[IN, OUT, Description (
"On input, this reference MUST be either NULL or "
"refer to an instance of AuthorizedPrivilege that "
"is used as a template. The rights granted by "
"corresponding entries in the Activities, "
"ActivityQualifiers and QualifierFormats array "
"properties are applied incrementally and do not "
"affect unnamed rights. If the property, "
"PrivilegeGranted, is false, then the named rights "
"are removed. If PrivilegeGranted is True, then the "
"named rights are added. (Note that the "
"RemoveAccess method SHOULD be used to completely "
"remove all privileges between a subject and a "
"target. On output, this property references an "
"AuthorizedPrivilege instance that represents the "
"resulting rights between the named Subject and the "
"named Target. AuthorizedPrivilege instances used "
"as a templates in this property SHOULD have a "
"HostedDependency association to the "
"PriviligeManagementService and SHOULD NOT have any "
"AuthorizedTarget or AuthorizedSubject associations "
"to it." )]
CIM_AuthorizedPrivilege REF Privilege);
[Description (
"This method revokes a specific AuthorizedPrivilege or "
"all privileges for a particular target, subject, or "
"subject/target pair. If an AuthorizedPrivilege instance "
"is left with no AuthorizedTarget associations, it SHOULD "
"be deleted. The successful completion of the method "
"SHALL remove the directly or indirectly requested "
"AuthorizedSubject, AuthorizedTarget and "
"AuthorizedPrivilege instances." ),
ValueMap { "0", "1", "2", "3", "4", "5", "6..15999", "16000",
"16001", "16002", "16003", "16004..32767", "32768..65535" },
Values { "Success", "Not Supported", "Unspecified Error",
"Timeout", "Failed", "Invalid Parameter", "DMTF Reserved",
"Unsupported Privilege", "Unsupported Target",
"Authorization Error", "Null parameter not supported",
"Method Reserved", "Vendor Specific" }]
uint32 RemoveAccess(
[IN, Description (
"The Subject parameter is a reference to a "
"ManagedElement instance (associated via "
"AuthorizedSubject) for which privileges are to be "
"revoked." )]
CIM_ManagedElement REF Subject,
[IN, Description (
"A reference to the AuthorizedPrivilege to be revoked."
)]
CIM_AuthorizedPrivilege REF Privilege,
[IN, Description (
"The Target parameter is a reference to a "
"ManagedElement (associated via AuthorizedTarget) "
"which will no longer be protected via the "
"AuthorizedPrivilege." )]
CIM_ManagedElement REF Target);
[Description (
"ShowAccess reports the Privileges (i.e., rights) granted "
"to a particular Subject and/or Target pair. Either a "
"Subject, a Target or both MUST be specified. In the case "
"where only one is specified, the method will return all "
"rights to all Targets for the specified Subject, or all "
"rights for all subjects which apply to the specified "
"Target. \n"
"\n"
"ShowAccess returns the cumulative rights granted between "
"the OutSubjects and OutTargets at the same array index "
"(filtered to return the information that the requestor "
"is authorized to view). If a specific array entry is "
"NULL, then there exist NO rights that the requestor is "
"authorized to view between the Subject/Target pair. \n"
"\n"
"Note that the Privileges returned by this method MAY NOT "
"correspond to what is actually instantiated in the "
"model, and MAY be optimized for ease of reporting. "
"Hence, the data is passed \'by value\', as embedded "
"objects. Also, note that multiple Privileges MAY be "
"defined for a given Subject/Target pair. \n"
"\n"
"Other mechanisms MAY also be used to retrieve this "
"information. CIM Operations\' EnumerateInstances MAY be "
"used to return all Privileges currently instantiated "
"within a namespace. Also, if the AuthorizedPrivilege "
"subclass is instantiated, the CIM Operation Associators "
"MAY be used to navigate from the Privilege to "
"AuthorizedSubjects and AuthorizedTargets. These CIM "
"Operations will not generally provide the functionality "
"or optimizations available with ShowAccess." ),
ValueMap { "0", "1", "2", "3", "4", "5", "..", "16000",
"16002", "16003", "16004", "16005..31999", "32000..65535" },
Values { "Success", "Not Supported", "Unknown", "Timeout",
"Failed", "Invalid Parameter", "DMTF Reserved",
"Unsupported Subject", "Unsupported Target",
"Authorization Error", "NULL not supported",
"Method Reserved", "Vendor Specific" }]
uint32 ShowAccess(
[IN, Description (
"The Subject parameter references an instance of "
"ManagedElement. The result of this operation is "
"that the cumulative rights of the Subject to "
"access or define authorization rights for the "
"Target will be reported. If no Subject is "
"specified, then a Target MUST be supplied and ALL "
"Subjects that have rights to access or define "
"authorizations for the Target will be reported. "
"(It should be noted that the information reported "
"MUST be filtered by the rights of the requestor to "
"view that data.) If the Subject element is a "
"Collection, then the operation will specifically "
"report the Privileges for all elements associated "
"to the Collection via MemberOfCollection. These "
"elements will be reported individually in the "
"returned OutSubjects array." ),
ModelCorrespondence {
"CIM_PrivilegeManagementService.ShowAccess.Target" }]
CIM_ManagedElement REF Subject,
[IN, Description (
"The Target parameter references an instance of "
"ManagedElement. The result of this operation is "
"that the cumulative rights of the Subject to "
"access or define authorization rights for the "
"Target will be reported. If no Target is "
"specified, then a Subject MUST be supplied and ALL "
"Targets for which that the Subject has rights to "
"access or define authorization will be reported. "
"(It should be noted that the information reported "
"MUST be filtered by the rights of the requestor to "
"view that data.) If the Target element is a "
"Collection, then the operation will be applied to "
"all elements associated to the Collection via "
"MemberOfCollection. These elements will be "
"reported individually in the returned OutTargets "
"array." ),
ModelCorrespondence {
"CIM_PrivilegeManagementService.ShowAccess.Subject" }]
CIM_ManagedElement REF Target,
[IN ( false ), OUT, Description (
"The array of Subject REFs corresponding to the "
"individual Privileges and OutTargets arrays. The "
"resulting OutSubjects, Privileges and OutTargets "
"arrays define the cumulative rights granted "
"between the Subject/Target at the corresponding "
"index (filtered to return the information that the "
"requestor is authorized to view)." ),
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_PrivilegeManagementService.ShowAccess.Subject",
"CIM_PrivilegeManagementService.ShowAccess.Privileges",
"CIM_PrivilegeManagementService.ShowAccess.OutTargets" }]
CIM_ManagedElement REF OutSubjects[],
[IN ( false ), OUT, Description (
"The array of Target REFs corresponding to the "
"individual Privileges and OutSubjects arrays. The "
"resulting OutSubjects, Privileges and OutTargets "
"arrays define the cumulative rights granted "
"between the Subject/Target at the corresponding "
"index (filtered to return the information that the "
"requestor is authorized to view)." ),
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_PrivilegeManagementService.ShowAccess.Target",
"CIM_PrivilegeManagementService.ShowAccess.Privileges",
"CIM_PrivilegeManagementService.ShowAccess.OutSubjects" }]
CIM_ManagedElement REF OutTargets[],
[IN ( false ), OUT, Description (
"The returned Privilege objects represent the "
"cumulative rights granted between the OutSubjects "
"and OutTargets at the same array index (filtered "
"to return the information that the requestor is "
"authorized to view). If a specific array entry is "
"NULL, then there exist NO rights that the "
"requestor is authorized to view between the "
"Subject/Target pair." ),
EmbeddedObject, ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_PrivilegeManagementService.ShowAccess.OutTargets",
"CIM_PrivilegeManagementService.ShowAccess.OutSubjects" }]
string Privileges[]);
};
| No CVS admin address has been configured |
Powered by ViewCVS 0.9.2 |