187 lines
7.3 KiB
XML
187 lines
7.3 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<Roles>
|
|
|
|
<Role name="User">
|
|
|
|
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
|
<Allow>li.strolch.bookshop.service.CreateBookService</Allow>
|
|
<Allow>li.strolch.bookshop.service.UpdateBookService</Allow>
|
|
<Allow>li.strolch.bookshop.service.RemoveBookService</Allow>
|
|
</Privilege>
|
|
|
|
<Privilege name="li.strolch.search.StrolchSearch" policy="DefaultPrivilege">
|
|
<Allow>internal</Allow>
|
|
<Allow>li.strolch.bookshop.search.BookSearch</Allow>
|
|
</Privilege>
|
|
|
|
<Privilege name="GetResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
</Role>
|
|
|
|
<Role name="UserPrivileges">
|
|
<Privilege name="PrivilegeSetUserLocale" policy="UserAccessPrivilege"/>
|
|
<Privilege name="PrivilegeSetUserPassword" policy="UserAccessPrivilege"/>
|
|
</Role>
|
|
|
|
<!--
|
|
Internal
|
|
-->
|
|
<Role name="StrolchAdmin">
|
|
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
|
|
<Privilege name="li.strolch.search.StrolchSearch" policy="DefaultPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
|
|
<Privilege name="GetResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
|
|
<Privilege name="PrivilegeAddUser" policy="UserAccessPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="PrivilegeSetUserPassword" policy="UserAccessPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
</Role>
|
|
|
|
<Role name="agent">
|
|
<Privilege name="li.strolch.privilege.handler.SystemAction" policy="DefaultPrivilege">
|
|
<Allow>li.strolch.runtime.privilege.StrolchSystemAction</Allow>
|
|
<Allow>li.strolch.runtime.privilege.StrolchSystemActionWithResult</Allow>
|
|
<Allow>li.strolch.persistence.postgresql.PostgreSqlSchemaInitializer</Allow>
|
|
</Privilege>
|
|
<Privilege name="li.strolch.service.api.Service" policy="DefaultPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
|
|
<Privilege name="GetResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="GetActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="AddActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="UpdateActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveResource" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveOrder" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="RemoveActivity" policy="ModelPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
|
|
<Privilege name="li.strolch.model.query.StrolchQuery" policy="DefaultPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="li.strolch.search.StrolchSearch" policy="DefaultPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="PrivilegeAction" policy="DefaultPrivilege">
|
|
<Allow>Persist</Allow>
|
|
<Allow>PersistSessions</Allow>
|
|
<Allow>GetCertificates</Allow>
|
|
</Privilege>
|
|
<Privilege name="PrivilegeAddUser" policy="UserAccessPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="PrivilegeModifyUser" policy="UserAccessPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
<Privilege name="PrivilegeGetUser" policy="UserAccessPrivilege">
|
|
<AllAllowed>true</AllAllowed>
|
|
</Privilege>
|
|
</Role>
|
|
|
|
</Roles>
|