projects / osm / SO.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
update from RIFT as of 696b75d2fe9fb046261b08c616f1bcf6c0b54a9b second try
[osm/SO.git] / models / plugins / yang / nsr.role.xml
diff --git a/models/plugins/yang/nsr.role.xml b/models/plugins/yang/nsr.role.xml
new file mode 100644 (file)
index 0000000..eb14063
--- /dev/null
+++ b/models/plugins/yang/nsr.role.xml
@@ -0,0 +1,74 @@
+<?xml version="1.0" ?>
+<config xmlns="http://riftio.com/ns/riftware-1.0/rw-rbac-role-def">
+  <key-definition>
+    <role>rw-project-mano:nsr-role</role>
+    <key-set>
+      <name>project-name</name>
+      <path>/rw-project:project/rw-project:name</path>
+      <path>/nsr:exec-scale-out/nsr:project-name</path>
+      <path>/nsr:exec-scale-in/nsr:project-name</path>
+      <path>/nsr:exec-ns-service-primitive/nsr:project-name</path>
+      <path>/nsr:get-ns-service-primitive-values/nsr:project-name</path>
+      <path>/nsr:start-network-service/nsr:project-name</path>
+    </key-set>
+  </key-definition>
+
+  <role-definition>
+    <role>rw-project-mano:lcm-oper</role>
+    <keys-role>rw-project-mano:nsr-role</keys-role>
+    <priority>
+      <lower-than>
+        <role>rw-project:project-admin</role>
+      </lower-than>
+    </priority>
+    <authorize>
+      <permissions>read execute</permissions>
+      <path>/rw-project:project/nsr:ns-instance-config</path>
+      <path>/rw-project:project/nsr:ns-instance-opdata</path>
+      <path>/rw-project:project/nsr:key-pair</path>
+    </authorize>
+  </role-definition>
+
+  <role-definition>
+    <role>rw-project-mano:lcm-admin</role>
+    <keys-role>rw-project-mano:nsr-role</keys-role>
+    <priority>
+      <higher-than>
+        <role>rw-project-mano:lcm-oper</role>
+      </higher-than>
+      <higher-than>
+        <role>rw-project-mano:account-oper</role>
+      </higher-than>
+      <higher-than>
+        <role>rw-project-mano:catalog-oper</role>
+      </higher-than>
+      <higher-than>
+        <role>rw-project:project-oper</role>
+      </higher-than>
+
+    </priority>
+
+    <authorize>
+      <permissions>create read update delete execute</permissions>
+      <path>/rw-project:project/nsr:ns-instance-config</path>
+      <path>/rw-project:project/nsr:ns-instance-opdata</path>
+      <path>/rw-project:project/nsr:key-pair</path>
+      <path>/nsr:exec-scale-out</path>
+      <path>/nsr:exec-scale-in</path>
+      <path>/nsr:exec-ns-service-primitive</path>
+      <path>/nsr:get-ns-service-primitive-values</path>
+    </authorize>
+  </role-definition>
+
+  <role-definition>
+    <role>rw-project:project-admin</role>
+    <keys-role>rw-project-mano:nsr-role</keys-role>
+    <authorize>
+      <permissions>create read update delete execute</permissions>
+      <path>/nsr:exec-scale-out</path>
+      <path>/nsr:exec-scale-in</path>
+      <path>/nsr:exec-ns-service-primitive</path>
+      <path>/nsr:get-ns-service-primitive-values</path>
+    </authorize>
+  </role-definition>
+</config>