ORE Studio 0.0.4
permission.hpp
1/* -*- mode: c++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*-
2 *
3 * Copyright (C) 2025 Marco Craveiro <marco.craveiro@gmail.com>
4 *
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free Software
7 * Foundation; either version 3 of the License, or (at your option) any later
8 * version.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
12 * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
13 * details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 51
17 * Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 *
19 */
20#ifndef ORES_IAM_DOMAIN_PERMISSION_HPP
21#define ORES_IAM_DOMAIN_PERMISSION_HPP
22
23#include <string>
24#include <boost/uuid/uuid.hpp>
25#include "ores.utility/uuid/tenant_id.hpp"
26
27namespace ores::iam::domain {
28
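/**
 * @brief Represents an atomic permission that can be granted to roles.
 *
 * NOTE(review): the symbol index on this page also lists a
 * `utility::uuid::tenant_id tenant_id` member ("Tenant identifier for
 * multi-tenancy isolation", permission.hpp:49) which this listing does not
 * show. Its declaration and default are therefore not reproduced here; check
 * the real header before relying on this struct's member order.
 */
struct permission final {
    /**
     * @brief Unique identifier for the permission.
     *
     * Value-initialised so that a default-constructed permission carries the
     * nil UUID. Depending on the Boost version, a default-initialised
     * boost::uuids::uuid may otherwise hold indeterminate bytes, which is not
     * something an access-control record should ever be persisted or compared
     * with.
     */
    boost::uuids::uuid id{};

    /**
     * @brief Permission code following the format "component::resource:action".
     *
     * NOTE(review): presumably this is the string that authorization checks
     * compare against the well-known codes in `permissions`; confirm it is
     * validated against that format when it is loaded or created.
     */
    std::string code;

    /**
     * @brief Human-readable description of what this permission allows.
     */
    std::string description;
};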
69
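/**
 * @brief Well-known permission codes used throughout the system.
 *
 * Codes follow the format "component::resource:action". Two wildcard forms
 * are also defined here: "component::*" for a whole component and "*" for
 * every permission.
 *
 * The constants are `inline constexpr` so the program has a single definition
 * of each one rather than a separate internal-linkage copy per translation
 * unit that includes this header. Their type is unchanged (`const char*`), so
 * `==` between two of them compares addresses, not text; compare contents via
 * std::string or std::string_view.
 *
 * NOTE(review): the code that matches a requested permission against granted
 * codes is not in this header. Confirm that it treats the wildcard codes as
 * exact tokens ("*" and "<component>::*") and does not fall back to prefix or
 * substring matching on codes that come from stored or user-supplied data.
 */
namespace permissions {
    // =========================================================================
    // IAM Component (iam::)
    // =========================================================================

    // Account management
    // NOTE(review): lock, unlock and reset_password act on other principals'
    // credentials state; presumably each use should leave an audit record.
    inline constexpr auto accounts_create = "iam::accounts:create";
    inline constexpr auto accounts_read = "iam::accounts:read";
    inline constexpr auto accounts_update = "iam::accounts:update";
    inline constexpr auto accounts_delete = "iam::accounts:delete";
    inline constexpr auto accounts_lock = "iam::accounts:lock";
    inline constexpr auto accounts_unlock = "iam::accounts:unlock";
    inline constexpr auto accounts_reset_password = "iam::accounts:reset_password";

    // Roles management
    // NOTE(review): assign/revoke change what other principals may do. Confirm
    // the grant path stops a holder of roles_assign from handing out a role
    // that carries more than the holder already has (e.g. a wildcard).
    inline constexpr auto roles_create = "iam::roles:create";
    inline constexpr auto roles_read = "iam::roles:read";
    inline constexpr auto roles_update = "iam::roles:update";
    inline constexpr auto roles_delete = "iam::roles:delete";
    inline constexpr auto roles_assign = "iam::roles:assign";
    inline constexpr auto roles_revoke = "iam::roles:revoke";

    // Login info (read-only audit data)
    inline constexpr auto login_info_read = "iam::login_info:read";

    // Tenant management
    // NOTE(review): tenants_impersonate presumably lets the holder act inside
    // another tenant, i.e. across the multi-tenancy isolation boundary. Treat
    // it as a privileged, audited permission and confirm how it is scoped.
    inline constexpr auto tenants_create = "iam::tenants:create";
    inline constexpr auto tenants_read = "iam::tenants:read";
    inline constexpr auto tenants_update = "iam::tenants:update";
    inline constexpr auto tenants_delete = "iam::tenants:delete";
    inline constexpr auto tenants_suspend = "iam::tenants:suspend";
    inline constexpr auto tenants_terminate = "iam::tenants:terminate";
    inline constexpr auto tenants_impersonate = "iam::tenants:impersonate";

    // IAM component wildcard
    // Covers every iam:: code above, including roles_assign and
    // tenants_impersonate.
    inline constexpr auto iam_all = "iam::*";

    // =========================================================================
    // Reference Data Component (refdata::)
    // =========================================================================

    // Currency management
    inline constexpr auto currencies_create = "refdata::currencies:create";
    inline constexpr auto currencies_read = "refdata::currencies:read";
    inline constexpr auto currencies_update = "refdata::currencies:update";
    inline constexpr auto currencies_delete = "refdata::currencies:delete";
    inline constexpr auto currencies_history = "refdata::currencies:history";

    // Refdata component wildcard
    inline constexpr auto refdata_all = "refdata::*";

    // =========================================================================
    // Variability Component (variability::)
    // =========================================================================

    // Feature flags management
    inline constexpr auto flags_create = "variability::flags:create";
    inline constexpr auto flags_read = "variability::flags:read";
    inline constexpr auto flags_update = "variability::flags:update";
    inline constexpr auto flags_delete = "variability::flags:delete";

    // Variability component wildcard
    inline constexpr auto variability_all = "variability::*";

    // =========================================================================
    // Data Quality Component (dq::)
    // =========================================================================
    // Unlike the components above, dq:: resources expose read/write/delete
    // rather than create/read/update/delete.
    // NOTE(review): `write` presumably covers both create and update; confirm
    // with the handlers that check these codes.

    // Change reasons
    inline constexpr auto change_reasons_read = "dq::change_reasons:read";
    inline constexpr auto change_reasons_write = "dq::change_reasons:write";
    inline constexpr auto change_reasons_delete = "dq::change_reasons:delete";

    // Change reason categories
    inline constexpr auto change_reason_categories_read = "dq::change_reason_categories:read";
    inline constexpr auto change_reason_categories_write = "dq::change_reason_categories:write";
    inline constexpr auto change_reason_categories_delete = "dq::change_reason_categories:delete";

    // Catalogs
    inline constexpr auto catalogs_read = "dq::catalogs:read";
    inline constexpr auto catalogs_write = "dq::catalogs:write";
    inline constexpr auto catalogs_delete = "dq::catalogs:delete";

    // Data domains
    inline constexpr auto data_domains_read = "dq::data_domains:read";
    inline constexpr auto data_domains_write = "dq::data_domains:write";
    inline constexpr auto data_domains_delete = "dq::data_domains:delete";

    // Subject areas
    inline constexpr auto subject_areas_read = "dq::subject_areas:read";
    inline constexpr auto subject_areas_write = "dq::subject_areas:write";
    inline constexpr auto subject_areas_delete = "dq::subject_areas:delete";

    // Datasets
    inline constexpr auto datasets_read = "dq::datasets:read";
    inline constexpr auto datasets_write = "dq::datasets:write";
    inline constexpr auto datasets_delete = "dq::datasets:delete";

    // Methodologies
    inline constexpr auto methodologies_read = "dq::methodologies:read";
    inline constexpr auto methodologies_write = "dq::methodologies:write";
    inline constexpr auto methodologies_delete = "dq::methodologies:delete";

    // Coding schemes
    inline constexpr auto coding_schemes_read = "dq::coding_schemes:read";
    inline constexpr auto coding_schemes_write = "dq::coding_schemes:write";
    inline constexpr auto coding_schemes_delete = "dq::coding_schemes:delete";

    // Coding scheme authority types
    inline constexpr auto coding_scheme_authority_types_read = "dq::coding_scheme_authority_types:read";
    inline constexpr auto coding_scheme_authority_types_write = "dq::coding_scheme_authority_types:write";
    inline constexpr auto coding_scheme_authority_types_delete = "dq::coding_scheme_authority_types:delete";

    // Nature dimensions
    inline constexpr auto nature_dimensions_read = "dq::nature_dimensions:read";
    inline constexpr auto nature_dimensions_write = "dq::nature_dimensions:write";
    inline constexpr auto nature_dimensions_delete = "dq::nature_dimensions:delete";

    // Origin dimensions
    inline constexpr auto origin_dimensions_read = "dq::origin_dimensions:read";
    inline constexpr auto origin_dimensions_write = "dq::origin_dimensions:write";
    inline constexpr auto origin_dimensions_delete = "dq::origin_dimensions:delete";

    // Treatment dimensions
    inline constexpr auto treatment_dimensions_read = "dq::treatment_dimensions:read";
    inline constexpr auto treatment_dimensions_write = "dq::treatment_dimensions:write";
    inline constexpr auto treatment_dimensions_delete = "dq::treatment_dimensions:delete";

    // Dataset bundles
    inline constexpr auto dataset_bundles_read = "dq::dataset_bundles:read";
    inline constexpr auto dataset_bundles_write = "dq::dataset_bundles:write";
    inline constexpr auto dataset_bundles_delete = "dq::dataset_bundles:delete";

    // Dataset bundle members
    inline constexpr auto dataset_bundle_members_read = "dq::dataset_bundle_members:read";
    inline constexpr auto dataset_bundle_members_write = "dq::dataset_bundle_members:write";
    inline constexpr auto dataset_bundle_members_delete = "dq::dataset_bundle_members:delete";

    // Data Quality component wildcard
    inline constexpr auto dq_all = "dq::*";

    // =========================================================================
    // Global Wildcard
    // =========================================================================

    // Wildcard - grants all permissions
    // By definition this includes every privileged code above (role
    // assignment, password reset, tenant impersonation), so roles carrying it
    // should be few, named, and reviewed; prefer a component wildcard or
    // explicit codes where those are enough.
    inline constexpr auto all = "*";
}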
226
227}
228
229#endif
Domain types for identity and access management.
Definition account.hpp:29
Well-known permission codes used throughout the system.
Definition permission.hpp:78
Represents an atomic permission that can be granted to roles.
Definition permission.hpp:45
std::string description
Human-readable description of what this permission allows.
Definition permission.hpp:67
std::string code
Permission code following the format "component::resource:action".
Definition permission.hpp:62
boost::uuids::uuid id
Unique identifier for the permission.
Definition permission.hpp:54
utility::uuid::tenant_id tenant_id
Tenant identifier for multi-tenancy isolation.
Definition permission.hpp:49
A strongly-typed wrapper around a UUID representing a tenant identifier.
Definition tenant_id.hpp:66
static tenant_id system()
Creates a tenant_id representing the system tenant.
Definition tenant_id.cpp:41