inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
df262927b6876f45c018f7542c3e564a33dbeaa0
alfresco-community-repo/config/alfresco/model/permissionSchema.dtd
David Caruana 575c970565 Merging BRANCHES/DEV/CMIS_10 to HEAD: 
17717: This check-in contains changes in Java and .NET TCK tests related to CMIS-43  and CMIS-44 JIRA tasks. Also some bugs were faced out and fixed in 
   17727: CMIS-69: Alfresco to CMIS ACL mapping: Part 1: API
   17732: Merge HEAD to DEV/CMIS10
   17756: MOB-563: SQL Tests - Lexer
   17764: CMIS-69: Alfresco to CMIS ACL mapping: get ACL support
   17802: More for CMIS-69: Alfresco to CMIS ACL mapping. Implementation for applyAcl.
   17830: Fixes for CMIS lexer and parser tests
   17838: Access fix ups for access by the WS/Rest layers
   17869: 1) remote-api:
   17874: SAIL-146: Alfresco to CMIS ACL mapping: Support to group ACEs by principal id
   17883: Adjust version properties for dev/cmis10 branch.
   17885: Update OASIS CMIS TC status.
   17889: Fix issue where objectid is not rendered correctly for CMIS private working copies.
   17890: SAIL-146: Alfresco to CMIS ACL mapping: Fixes for ACL merging when reporting and ordering of ACEs. Report full permissions and not unique short names.
   17902: Fix issue where CMIS queries via GET used incorrect defaults for paging.
   17909: Fix CMIS link relations for folder tree.
   17912: Fix CMIS type descendants atompub link
   17922: Update AtomPub binding to CMIS 1.0 CD05 XSDs.
   17924: SAIL-146: Alfresco to CMIS ACL mapping: Test set using full permissions (as opposed to short unique names)
   17927: Fix content stream create/update status to comply with CMIS 1.0 CD05.
   17934: Resolve encoding issues in CMIS AtomPub binding.
   17973: SAIL-171: CMIS Renditions REST binding
   17975: SAIL-146: Alfresco to CMIS ACL mapping: Completed AllowedAction and Permissions mapping. Added missing canDeleteTree.
   17990: Update CMIS AtomPub to CD06
   17996: Updates for cmis.alfresco.com for CD06 in prep for public review 2.
   18007: WS-Bindings were updated with CMIS 1.0 cd06 changes.
   18016: CMIS web services: Add missing generated files from WSDL
   18018: CMIS index page updates for cmis.alfresco.com
   18041: Merged HEAD to DEV/CMIS_10
   18059: SAIL-227:
   18067: SAIL-157: Strict vs Non-Strict Query Language: Enforce restrictions on the use of SCORE() and CONTAINS()
   18080: Fix for SAIL-213:Bug: Query engine does not check that select list properties are valid for selectors
   18131: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\'.
   18132: SAIL-156: Query Language Compliance: Fix support for LIKE, including escaping of '%' and '_' with '\': Fix underlying lucene impl for prefix and fuzzy queries to match wildcard/like
   18143: SAIL-156: Query Language Compliance: Fix and check qualifiers in IN_TREE and IN_FOLDER. Improved scoring for CONTAINS()
   18173: SAIL-245: Exclude thumbnails from normal query results
   18179: SAIL 214: Query Language Compliance: Check for valid object ids in IN_FOLDER and IN_TREE
   18210: SAIL-156:  Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS.
   18211: SAIL-156:  Query Language Compliance: Support for simple column aliases in predicates/function arguments/embedded FTS. Check property/selector binding in embedded FTS.
   18215: SAIL 156: Query Language Compliance: Fix CMIS type info to reflect the underlying settings of the Alfresco type for includeInSuperTypeQuery
   18244: SAIL 156: Query Language Compliance: includeInSuperTypeQuery -> includedInSuperTypeQuery: First cut of cmis query test model. Fixed modelSchema.xml to validate
   18255: SAIL 156: Query Language Compliance: First set of tests for predicates using properties mapped to CMIS Strings.
   18261: CMIS-49 SAIL-163: Alfresco to CMIS Change Log mapping - New CMIS Audit mapping is implemented. ChangeLogDataExtractor was added.
   18263: Build Fix
   18285: SAIL 156: Query Language Compliance: Restrictions on predicates that may be used by single-valued and multi-valued properties
   18287: SAIL-186: Changes to make CMIS Rendition REST bindings pass new TCK tests
   18291: Fix Eclipse classpath problems
   18323: CMIS-44 SAIL-187: Change Log tests (WS) – Java and .NET tests for change log were implemented.
   18325: SAIL 156: Query Language Compliance: Fixes and tests for d:mltext mappings
   18329: Updated Chemistry TCK jar including Dave W's rendition tests.
   18333: Fix compile error - spurious imports.
   18334: Fix issue where absurl web script method failed when deployed to root context.
   18339: Update CMIS index page for start of public review 2.
   18387: SAIL-147: CMIS ACL REST bindings + framework fixes
   18392: Fix typo
   18394: SAIL 156: Query Language Compliance: Fixes and tests for d:<numeric>
   18406: SAIL 156: Query Language Compliance: Remaining type/predicate combinations. Restriction of In/Comparisons for ID/Boolean
   18408: CMIS Query language - remove (pointless) multi-valued column from language definition
   18409: Formatting change for CMIS.g
   18410: Formatting change for FTS.g
   18411: CMIS TCK tests were updated to CMIS 1.0 cd06 schemas.
   18412: SAIL 156: Query Language Compliance: Tests and fixes for aliases for all data types in simple predicates (they behave as the direct column reference)
   18417: Update Chemistry TCK which now incorporates Dave W's ACL tests.
   18419: Update CMIS index page to include public review end date.
   18427: SAIL 156: Query Language Compliance: Expose multi-valued properties in queries. Tests for all accessors. Fix content length to be long.
   18435: SAIL 156: Query Language Compliance: Use queryable correctly and fix up model mappings. Add tests for baseTypeId, contentStreamId and path.
   18472: SAIL 156: Query Language Compliance: Tests and fixes for FTS/Contains expressions. Adhere strictly to the spec - no extensions available by default. Improved FTS error reporting (and stop any recovery).
   18477: SAIL-164: CMIS change log REST bindings
   18495: SAIL 156: Query Language Compliance: Tests and fixes for escaping in string literals, LIKE and FTS expressions.
   18537: SAIL 156: Query Language Compliance: Sorting support. Basic sort test for all orderable/indexed CMIS properties.
   18538: SAIL-164: CMIS change log fixes for TCK compliance
   18547: SAIL 156: Query Language Compliance: Ordering tests for all datatypes, including null values. 
   18582: Incorporate latest Chemistry TCK
   18583: Update list of supported CMIS capabilities in index page.
   18606: SAIL-156, SAIL-157, SAIL-158: Query Language Compliance: Respect all query options including locale. Fixes and tests for MLText cross language support.
   18608: SAIL-159: Java / Javascript API access to CMIS Query Language
   18617: SAIL-158: Query Tests: Check policy and relationship types are not queryable.
   18636: SAIL-184: ACL tests (WS) 
   18663: ACL tests were updated in accordance with last requirements by David Caruana.
   18680: Update to CMIS CD07
   18681: Fix CMIS ContentStreamId property when document has no content.
   18700: CMIS: Head merge problem resolution.

Phase 1: Merge up to and including revision 18700, as this the point where both AtomPub and Web Services TCK tests succeed completely on dev branch.

Note: includes CMIS rendition support ready for integration and testing with DM renditions.

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@18790 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
2010-02-23 17:23:42 +00:00

221 lines
7.3 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!--
The permissions root element
=============================
This contains one or more namespace elements, permissionSets
and global permissions
-->
<!ELEMENT permissions (namespaces+, permissionSet*, globalPermission*)>
<!--
The namespaces element
======================
This contains one or more name space element.
This defines prefixes for uris to be used when identifying types
-->
<!ELEMENT namespaces (namespace+)>
<!--
The namespace element
=====================
uri - the uri for the namespace
prefix - the prefix to use for the uri in type name
-->
<!ELEMENT namespace EMPTY>
<!ATTLIST namespace uri CDATA #REQUIRED>
<!ATTLIST namespace prefix CDATA #REQUIRED>
<!--
The permissionSet element
=========================
This contains permissionGroups, permissions and dynamic authorities
The type attribute identifies to which type or aspect the contained
definitions apply in the prefix:name form
The exposed attribute governs if these permissions are exposed via
getExposedPermissions() on the permission model
all - exposes all permission groups
selected - only the permission groups that say they are
explicitly exposed are exposed
-->
<!ELEMENT permissionSet (permissionGroup*, permission*, dynamicAuthority*)>
<!ATTLIST permissionSet type CDATA #REQUIRED>
<!ATTLIST permissionSet expose (all | selected) "all">
<!--
The permissionGroup element
===========================
A permission group builds a new permisison group
using existing permission groups. These are specified
by the includePermissionGroup element.
name - The simple name of the permission. The full name includes
the type uri from the outer permissionSet
type - If the permission group extends another then this attribute can be used
to specify the type it extends. Normally it would assume this follows
the data dictionary type hierarchy.
extends - does this permission group extend one that already exists?
expose - if the the containing permission set does not expose all permission groups
specify if this particular permission group is exposed or not.
allowFullControl - if true, this permission group effectively grants all permissions
requiresType - does this permissionGroup require the type (as specified on the containing permission set)
to be present. This is useful for permission groups tied to aspects. If false, the permission
group applies to all types - as they could have the aspect. If true, the permission group
only makes sense if the aspect has been applied
-->
<!ELEMENT permissionGroup (includePermissionGroup* )>
<!ATTLIST permissionGroup name CDATA #REQUIRED>
<!ATTLIST permissionGroup type CDATA #IMPLIED>
<!ATTLIST permissionGroup extends (true | false) "false">
<!ATTLIST permissionGroup expose (true | false) "false">
<!ATTLIST permissionGroup allowFullControl (true | false) "false" >
<!ATTLIST permissionGroup requiresType (true | false) "true">
<!--
The includePermissionGroup element
==================================
type - the type on which to find the permission group to include
permissionGroup - the name of the permission group to include as defined on the type
-->
<!ELEMENT includePermissionGroup EMPTY>
<!ATTLIST includePermissionGroup type CDATA #IMPLIED>
<!ATTLIST includePermissionGroup permissionGroup CDATA #REQUIRED>
<!--
The permission element
======================
Define a base permission. The permission groups to which this permission
applies are defined in the grantedToGroup element. Other permissions
which are required or implied by this permission can be defined using
requiredPermission elements.
name - as permissionGroup
expose - as permissionGroup
requiresType - as permissionGroup
-->
<!ELEMENT permission (grantedToGroup*, requiredPermission* )>
<!ATTLIST permission name CDATA #REQUIRED>
<!ATTLIST permission expose (true | false) "false">
<!ATTLIST permission requiresType (true | false) "true">
<!--
The dynamicAuthorities element
==============================
Dynamic authorities are defined in the context of a type but this
information is currently unused.
evaluator - the class path for an implementation of DynamicAuthority
-->
<!ELEMENT dynamicAuthority EMPTY>
<!ATTLIST dynamicAuthority evaluator CDATA #REQUIRED>
<!--
The requiredPermission element
==============================
name - the name of the required permission or permission group
type - the type of the required permission or permission group
on - if required permission must be present on the node, its primary parent, or its children
implies - false - the permission wil be checked
- true - the permission is effectively granted along with this one.
This will normally be false. For example, to require read permission on the
parent to be able to read the node. This requirement would be recursive,
as read on any node woudl require read on the parent of that node.
If true this is the case where this permission allows the user to
take another action as it is required to carry out the first. Normally
you would protect the method call to require both permissions. This
does really grant the other permission. If a permission A is defined that
requires another permission B, with implies true, then granting someone
permission A will also grant permission B. If implies is false, then granting
A will not allow A until permission B is also available.
-->
<!ELEMENT requiredPermission EMPTY>
<!ATTLIST requiredPermission name CDATA #REQUIRED>
<!ATTLIST requiredPermission type CDATA #IMPLIED>
<!ATTLIST requiredPermission on (node | parent | children) #REQUIRED>
<!ATTLIST requiredPermission implies (true | false) "false">
<!--
The grantedToGroup element
==========================
This identifies to a permissionGroup to which a permission is granted
type - the type on which the permissionGroup is defined
permissionGroup - the name of the permission group
-->
<!ELEMENT grantedToGroup EMPTY >
<!ATTLIST grantedToGroup type CDATA #IMPLIED>
<!ATTLIST grantedToGroup permissionGroup CDATA #REQUIRED>
<!--
The globalPermissions element
=============================
A global permission assignment.
authority - the string representation of the authority
permission - the permission that is granted (this can be the simple name if it is unique
or the fully qualified version if not.)
-->
<!ELEMENT globalPermission EMPTY >
<!ATTLIST globalPermission authority CDATA #IMPLIED>
<!ATTLIST globalPermission permission CDATA #REQUIRED>
Reference in New Issue View Git Blame Copy Permalink