1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
"""
intra_extensions = {
intra_extension_id1: {
name: xxx,
model: yyy,
description: zzz},
intra_extension_id2: {...},
...
}
tenants = {
tenant_id1: {
name: xxx,
description: yyy,
intra_authz_extension_id: zzz,
intra_admin_extension_id: zzz,
},
tenant_id2: {...},
...
}
--------------- for each intra-extension -----------------
subject_categories = {
subject_category_id1: {
name: xxx,
description: yyy},
subject_category_id2: {...},
...
}
subjects = {
subject_id1: {
name: xxx,
description: yyy,
...},
subject_id2: {...},
...
}
subject_scopes = {
subject_category_id1: {
subject_scope_id1: {
name: xxx,
description: aaa},
subject_scope_id2: {
name: yyy,
description: bbb},
...},
subject_scope_id3: {
...}
subject_category_id2: {...},
...
}
subject_assignments = {
subject_id1: {
subject_category_id1: [subject_scope_id1, subject_scope_id2, ...],
subject_category_id2: [subject_scope_id3, subject_scope_id4, ...],
...
},
subject_id2: {
subject_category_id1: [subject_scope_id1, subject_scope_id2, ...],
subject_category_id2: [subject_scope_id3, subject_scope_id4, ...],
...
},
...
}
aggregation_algorithm = {
aggregation_algorithm_id: {
name: xxx,
description: yyy
}
}
sub_meta_rules = {
sub_meta_rule_id_1: {
"name": xxx,
"algorithm": yyy,
"subject_categories": [subject_category_id1, subject_category_id2,...],
"object_categories": [object_category_id1, object_category_id2,...],
"action_categories": [action_category_id1, action_category_id2,...]
sub_meta_rule_id_2: {...},
...
}
rules = {
sub_meta_rule_id1: {
rule_id1: [subject_scope1, subject_scope2, ..., action_scope1, ..., object_scope1, ... ],
rule_id2: [subject_scope3, subject_scope4, ..., action_scope3, ..., object_scope3, ... ],
rule_id3: [thomas, write, admin.subjects]
...},
sub_meta_rule_id2: { },
...}
"""
|
