1 files changed, 0 insertions, 190 deletions
diff --git a/upstream/odl-aaa-moon/aaa/aaa-authz/aaa-authz-model/src/main/yang/authorization-schema.yang b/upstream/odl-aaa-moon/aaa/aaa-authz/aaa-authz-model/src/main/yang/authorization-schema.yang
deleted file mode 100644
index 2e0cf9cb..00000000
--- a/upstream/odl-aaa-moon/aaa/aaa-authz/aaa-authz-model/src/main/yang/authorization-schema.yang
+++ /dev/null
@@ -1,190 +0,0 @@
-module authorization-schema {
-  yang-version 1;
-  namespace "urn:aaa:yang:authz:ds";
-  prefix "authz";
-  organization "TBD";
-
-  contact "wdec@cisco.com";
-
-  revision 2014-07-22 {
-    description
-      "Initial revision.";
-  }
-
-  //Main module begins
-
-  //TODO: Refactor service type as URI
-
-  //Define the servicetype; Service is used to identify the requestors' name, which would correspond to an ODL component eg Restconf. Possibly
-  //the naming will derive from the OSGi bundle name of the AuthZ requesting party.
-
-  typedef service-type {
-    type string;
-  }
-
-  //Resource denotes the actual resource that is the subject of the AuthZ request.
-
-  typedef resource-type {
-    type string;
-    default "*";
-
-    //Examples of resources:
-    //Data : /operational/opendaylight-inventory:nodes/node/openflow:1/node-connector/openflow:1:1
-    //Wildcarded data: /operational/opendaylight-inventory:nodes/node/*/node-connector/*
-    //RPC: /operations/example-ops:reboot
-    //Wildcarded RPC: /operations/example-ops:*
-    //Notification: /notifications/example-ops:startup
-  }
-
-  //Role denotes the normalized role that is attributed to the AuthZ requestor, eg "admin"
-
-  typedef role-type {
-    type string;
-  }
-
-  //Domain denotes the customer domain that is the attributed of the AuthZ requestor, eg cisco.com
-
-  typedef domain-type {
-    type string;
-  }
-
-  //Action denotes the requested AuthZ action on the resource
-  //TODO: Refactor as identities to allow for augmentation.
-
-  typedef action-type {
-    type enumeration {
-      enum put;
-      enum commit;
-      enum exists;
-      enum getIdentifier;
-      enum read;
-      enum cancel;
-      enum submit;
-      enum delete;
-      enum merge;
-      enum any;
-    }
-    default "any";
-  }
-
-  typedef authorization-response-type {
-    type enumeration {
-        enum not-authorized { value 0; }
-        enum authorized { value 1; }
-    }
-  }
-
-  typedef authorization-duration-type {
-    type uint32;
-  }
-
-  // Following grouping is the core AuthZ policy permissions data-structure, dual keyed by service and action.
-  // Permissions will be set-up per application. NOTE: Group and role can be equivalent. do we need both?
-
-  grouping authorization-grp {
-    list policies {
-      key "service";
-      leaf service {
-        type service-type;
-      }
-      leaf action {
-        type action-type;
-      }
-      leaf resource {
-        type resource-type;
-        mandatory true;
-      }
-      leaf role {
-        type role-type;
-        mandatory true;
-      }
-      leaf authorization {
-        type authorization-response-type;
-      }
-    }
-  }
-
-  // Following container provides the simple, non-domain specific AuthZ policy data-structure, dual keyed by service and action.
-
-  container simple-authorization {
-    uses authorization-grp;
-  }
-
-  // Following container provides the domain AuthZ policy data-structure. Each Policy is extended with a authz-domain-chain,
-  // which contains a prioritized list of the leafrefs to additional domain policies that also apply to this domain.
-  // The construct allows the chaining of policies like foo.com -> customer.sp.com -> customer.carrier.com.
-
-
-  container domain-authorization {
-    list domains {
-      key "domain-name";
-      leaf domain-name {
-        type domain-type;
-      }
-      uses authorization-grp;
-      list authz-domain-chain {
-        key "priority";
-        leaf priority {
-        type uint32;
-      }
-      leaf domain-name {
-        type leafref  {
-          path "/additional-domain-authz/domains/domain-name";
-        }
-      }
-    }
-  }
-}
-
-container additional-domain-authz {
-  list domains {
-    key "domain-name";
-    leaf domain-name {
-      type domain-type;
-       }
-      uses authorization-grp;
-     }
-  }
-
-
-
-  /* The following is the AuthZ RPC definition */
-
-  rpc req-authorization {
-    description
-      "Check Authorization for a given combination of action and role.
-      A not-authorized  will be returned if unsuccessful.";
-
-    input {
-      leaf domain-name {
-        type domain-type;
-      }
-      leaf service {
-        type service-type;
-      }
-      leaf action {
-        type action-type;
-        mandatory true;
-      }
-
-      leaf resource {
-        type resource-type;
-        mandatory true;
-      }
-      leaf role {
-        type role-type;
-        mandatory true;
-      }
-
-    }
-
-    output {
-
-      leaf authorization-response {
-        type authorization-response-type;
-        mandatory true;
-      }
-
-    }
-  }
-}