aboutsummaryrefslogtreecommitdiffstats
path: root/moon_orchestrator/conf/policies/policy_root
diff options
context:
space:
mode:
Diffstat (limited to 'moon_orchestrator/conf/policies/policy_root')
-rw-r--r--moon_orchestrator/conf/policies/policy_root/assignment.json39
-rw-r--r--moon_orchestrator/conf/policies/policy_root/metadata.json19
-rw-r--r--moon_orchestrator/conf/policies/policy_root/metarule.json12
-rw-r--r--moon_orchestrator/conf/policies/policy_root/perimeter.json31
-rw-r--r--moon_orchestrator/conf/policies/policy_root/rule.json44
-rw-r--r--moon_orchestrator/conf/policies/policy_root/scope.json39
6 files changed, 0 insertions, 184 deletions
diff --git a/moon_orchestrator/conf/policies/policy_root/assignment.json b/moon_orchestrator/conf/policies/policy_root/assignment.json
deleted file mode 100644
index e849ae13..00000000
--- a/moon_orchestrator/conf/policies/policy_root/assignment.json
+++ /dev/null
@@ -1,39 +0,0 @@
-{
- "subject_assignments": {
- "role": {
- "admin": ["root_role"]
- }
- },
-
- "action_assignments": {
- "action_id": {
- "read": ["read"],
- "write": ["write"]
- }
- },
-
- "object_assignments": {
- "object_id": {
- "templates": ["templates"],
- "sub_meta_rule_algorithms": ["sub_meta_rule_algorithms"],
- "aggregation_algorithms": ["aggregation_algorithms"],
- "tenants": ["tenants"],
- "intra_extensions": ["intra_extensions"],
- "admin.subjects": ["admin.subjects"],
- "admin.objects": ["admin.objects"],
- "admin.actions": ["admin.actions"],
- "admin.subject_categories": ["admin.subject_categories"],
- "admin.object_categories": ["admin.object_categories"],
- "admin.action_categories": ["admin.action_categories"],
- "admin.subject_category_scopes": ["admin.subject_category_scopes"],
- "admin.object_category_scopes": ["admin.object_category_scopes"],
- "admin.action_category_scopes": ["admin.action_category_scopes"],
- "admin.subject_assignments": ["admin.subject_assignments"],
- "admin.object_assignments": ["admin.object_assignments"],
- "admin.action_assignments": ["admin.action_assignments"],
- "admin.aggregation_algorithm": ["admin.aggregation_algorithm"],
- "admin.sub_meta_rules": ["admin.sub_meta_rules"],
- "admin.rules": ["admin.rules"]
- }
- }
-}
diff --git a/moon_orchestrator/conf/policies/policy_root/metadata.json b/moon_orchestrator/conf/policies/policy_root/metadata.json
deleted file mode 100644
index 9dd7a928..00000000
--- a/moon_orchestrator/conf/policies/policy_root/metadata.json
+++ /dev/null
@@ -1,19 +0,0 @@
-{
- "name": "Root Policy",
- "model": "RBAC",
- "genre": "admin",
- "description": "root extension",
- "pdp_pipeline": ["authz:rbac_rule"],
-
- "subject_categories": [
- "role"
- ],
-
- "action_categories": [
- "action_id"
- ],
-
- "object_categories": [
- "object_id"
- ]
-}
diff --git a/moon_orchestrator/conf/policies/policy_root/metarule.json b/moon_orchestrator/conf/policies/policy_root/metarule.json
deleted file mode 100644
index 86dbfad2..00000000
--- a/moon_orchestrator/conf/policies/policy_root/metarule.json
+++ /dev/null
@@ -1,12 +0,0 @@
-{
- "sub_meta_rules": {
- "rbac_rule": {
- "subject_categories": ["role"],
- "action_categories": ["action_id"],
- "object_categories": ["object_id"],
- "algorithm": "inclusion"
- }
- },
- "aggregation": "all_true"
-}
-
diff --git a/moon_orchestrator/conf/policies/policy_root/perimeter.json b/moon_orchestrator/conf/policies/policy_root/perimeter.json
deleted file mode 100644
index 788a27f2..00000000
--- a/moon_orchestrator/conf/policies/policy_root/perimeter.json
+++ /dev/null
@@ -1,31 +0,0 @@
-{
- "subjects": [
- "admin"
- ],
- "actions": [
- "read",
- "write"
- ],
- "objects": [
- "templates",
- "aggregation_algorithms",
- "sub_meta_rule_algorithms",
- "tenants",
- "intra_extensions",
- "admin.subjects",
- "admin.objects",
- "admin.actions",
- "admin.subject_categories",
- "admin.object_categories",
- "admin.action_categories",
- "admin.subject_category_scopes",
- "admin.object_category_scopes",
- "admin.action_category_scopes",
- "admin.subject_assignments",
- "admin.object_assignments",
- "admin.action_assignments",
- "admin.aggregation_algorithm",
- "admin.sub_meta_rules",
- "admin.rules"
- ]
-}
diff --git a/moon_orchestrator/conf/policies/policy_root/rule.json b/moon_orchestrator/conf/policies/policy_root/rule.json
deleted file mode 100644
index 9bbd5e4c..00000000
--- a/moon_orchestrator/conf/policies/policy_root/rule.json
+++ /dev/null
@@ -1,44 +0,0 @@
-{
- "rbac_rule":[
- ["root_role" , "read", "templates"],
- ["root_role" , "read", "aggregation_algorithms"],
- ["root_role" , "read", "sub_meta_rule_algorithms"],
- ["root_role" , "read", "tenants"],
- ["root_role" , "read", "intra_extensions"],
- ["root_role" , "write", "templates"],
- ["root_role" , "write", "aggregation_algorithms"],
- ["root_role" , "write", "sub_meta_rule_algorithms"],
- ["root_role" , "write", "tenants"],
- ["root_role" , "write", "intra_extensions"],
- ["root_role" , "read", "admin.subjects"],
- ["root_role" , "read", "admin.objects"],
- ["root_role" , "read", "admin.actions"],
- ["root_role" , "read", "admin.subject_categories"],
- ["root_role" , "read", "admin.object_categories"],
- ["root_role" , "read", "admin.action_categories"],
- ["root_role" , "read", "admin.subject_category_scopes"],
- ["root_role" , "read", "admin.object_category_scopes"],
- ["root_role" , "read", "admin.action_category_scopes"],
- ["root_role" , "read", "admin.subject_assignments"],
- ["root_role" , "read", "admin.object_assignments"],
- ["root_role" , "read", "admin.action_assignments"],
- ["root_role" , "read", "admin.aggregation_algorithm"],
- ["root_role" , "read", "admin.sub_meta_rules"],
- ["root_role" , "read", "admin.rules"],
- ["root_role" , "write", "admin.subjects"],
- ["root_role" , "write", "admin.objects"],
- ["root_role" , "write", "admin.actions"],
- ["root_role" , "write", "admin.subject_categories"],
- ["root_role" , "write", "admin.object_categories"],
- ["root_role" , "write", "admin.action_categories"],
- ["root_role" , "write", "admin.subject_category_scopes"],
- ["root_role" , "write", "admin.object_category_scopes"],
- ["root_role" , "write", "admin.action_category_scopes"],
- ["root_role" , "write", "admin.subject_assignments"],
- ["root_role" , "write", "admin.object_assignments"],
- ["root_role" , "write", "admin.action_assignments"],
- ["root_role" , "write", "admin.aggregation_algorithm"],
- ["root_role" , "write", "admin.sub_meta_rules"],
- ["root_role" , "write", "admin.rules"]
- ]
-}
diff --git a/moon_orchestrator/conf/policies/policy_root/scope.json b/moon_orchestrator/conf/policies/policy_root/scope.json
deleted file mode 100644
index 43f9ced8..00000000
--- a/moon_orchestrator/conf/policies/policy_root/scope.json
+++ /dev/null
@@ -1,39 +0,0 @@
-{
- "subject_scopes": {
- "role": [
- "root_role"
- ]
- },
-
- "action_scopes": {
- "action_id": [
- "read",
- "write"
- ]
- },
-
- "object_scopes": {
- "object_id": [
- "templates",
- "aggregation_algorithms",
- "sub_meta_rule_algorithms",
- "tenants",
- "intra_extensions",
- "admin.subjects",
- "admin.objects",
- "admin.actions",
- "admin.subject_categories",
- "admin.object_categories",
- "admin.action_categories",
- "admin.subject_category_scopes",
- "admin.object_category_scopes",
- "admin.action_category_scopes",
- "admin.subject_assignments",
- "admin.object_assignments",
- "admin.action_assignments",
- "admin.aggregation_algorithm",
- "admin.sub_meta_rules",
- "admin.rules"
- ]
- }
-}