You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@airavata.apache.org by sc...@apache.org on 2015/09/05 09:05:53 UTC
[05/16] airavata git commit: changing the default xacml policy role names

changing the default xacml policy role names


Project: http://git-wip-us.apache.org/repos/asf/airavata/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/99c07d71
Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/99c07d71
Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/99c07d71

Branch: refs/heads/master
Commit: 99c07d718bf89c8e9eca7deffdaa65c66a5b0c8c
Parents: e1356b7
Author: Supun Nakandala <sc...@apache.org>
Authored: Fri Sep 4 15:18:58 2015 +0530
Committer: Supun Nakandala <sc...@apache.org>
Committed: Sat Sep 5 12:24:22 2015 +0530

----------------------------------------------------------------------
 .../src/main/resources/airavata-default-xacml-policy.xml       | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata/blob/99c07d71/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml
----------------------------------------------------------------------
diff --git a/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml b/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml
index 90b1432..0801360 100644
--- a/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml
+++ b/modules/configuration/server/src/main/resources/airavata-default-xacml-policy.xml
@@ -29,6 +29,7 @@
                 <AllOf>
                     <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
                         <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">^(?:(?!
+/airavata/getAPIVersion|
 /airavata/addGateway|
 /airavata/deleteteway|
 /airavata/updateGateway|
@@ -75,7 +76,7 @@
         </Target>
         <Condition>
             <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
-                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">admin_read_only</AttributeValue>
+                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">admin-read-only</AttributeValue>
                 <AttributeDesignator AttributeId="http://wso2.org/claims/role"
                                      Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
                                      DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>
@@ -88,6 +89,7 @@
                 <AllOf>
                     <Match MatchId="urn:oasis:names:tc:xacml:1.0:function:string-regexp-match">
                         <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">^(?:(?!
+/airavata/getAPIVersion|
 /airavata/addGateway|
 /airavata/getExperimentStatistics|
 /airavata/deleteteway|
@@ -155,7 +157,7 @@
         </Target>
         <Condition>
             <Apply FunctionId="urn:oasis:names:tc:xacml:1.0:function:string-is-in">
-                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">Internal/everyone</AttributeValue>
+                <AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">airavata-user</AttributeValue>
                 <AttributeDesignator AttributeId="http://wso2.org/claims/role"
                                      Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"
                                      DataType="http://www.w3.org/2001/XMLSchema#string" MustBePresent="true"/>