2 // Copyright (c) 2016 AT&T Intellectual Property. All rights reserved.
4 // For Developer Machine single instance
// NOTE(review): SimpleStrategy with replication_factor 1 stores a single copy of every row,
// so the authorization data defined in this file has no redundancy. Keep this definition
// to a single-node developer machine, as the comment above says.
7 WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
12 // CORE Table function
15 // Namespace - establish hierarchical authority to modify
16 // Permissions and Roles
17 // "scope" is a flag to determine Policy. Typical important scope
21 scope int, // deprecated 2.0.11
27 CREATE INDEX ns_parent on ns(parent); // secondary index: find ns rows by their parent value
30 CREATE TABLE ns_attrib (
36 create index ns_attrib_key on ns_attrib(key); // secondary index: find ns_attrib rows by key
// NOTE(review): the perms set here and the roles set on the table keyed by
// (ns,type,instance,action) record the same grant from both sides. Presumably every writer
// updates both sets together — confirm, because a one-sided update would make
// "permissions of a role" and "roles holding a permission" disagree.
42 perms set<varchar>, // Use "Key" of "name|type|action"
46 CREATE INDEX role_name ON role(name); // secondary index: find role rows by name
54 roles set<varchar>, // Need to find Roles given Permissions
// ns is the partition key; type, instance and action are clustering columns
56 PRIMARY KEY (ns,type,instance,action)
59 // This table is used for Authorization
60 CREATE TABLE user_role (
62 role varchar, // deprecated: change to ns/rname after 2.0.11
// user is the partition key and role the clustering column: one row per (user, role) pair
66 PRIMARY KEY(user,role)
68 CREATE INDEX user_role_ns ON user_role(ns); // secondary index: find user_role rows by ns
69 CREATE INDEX user_role_role ON user_role(role); // secondary index: find user_role rows by role
71 // This table is only for the case of User Credential (MechID) Authentication
// NOTE(review): the column that holds the credential itself is not shown here — if it holds
// password material, confirm it stores a salted hash rather than a recoverable secret.
// id is the partition key; type and expires are clustering columns, so one id can have
// several credential rows that differ by type or expiry.
81 PRIMARY KEY (id,type,expires)
83 CREATE INDEX cred_ns ON cred(ns); // secondary index: find cred rows by ns
85 // Certificate Cross Table
86 // coordinated with CRED type 2
// fingerprint alone is the primary key: one row per fingerprint value.
// NOTE(review): which digest produces fingerprint is not visible here — confirm it is a
// collision-resistant hash, since rows are identified by it alone.
92 PRIMARY KEY (fingerprint)
94 CREATE INDEX cert_id ON cert(id); // secondary index: find cert rows by id
95 CREATE INDEX cert_x500 ON cert(x500); // secondary index: find cert rows by x500
102 PRIMARY KEY (user,type)
// ca is the partition key and serial the clustering column: one row per (ca, serial) pair
111 PRIMARY KEY (ca,serial)
115 CREATE INDEX x509_id ON x509 (id); // secondary index: find x509 rows by id
116 CREATE INDEX x509_x500 ON x509 (x500); // secondary index: find x509 rows by x500
119 // Deployment Artifact (for Certman)
121 CREATE TABLE artifact (
// mechid is the partition key and machine the clustering column: one row per (mechid, machine)
133 PRIMARY KEY (mechid,machine)
135 CREATE INDEX artifact_machine ON artifact(machine); // secondary index: find artifact rows by machine
138 // Non-Critical Table functions
140 // Table Info - for Caching
143 seg int, // cache Segment
// name is the partition key and seg the clustering column: one row per (name, seg) pair
145 PRIMARY KEY(name,seg)
148 CREATE TABLE history (
153 target varchar, // user, user_role,
154 subject varchar, // field for searching main portion of target key
155 memo varchar, // description of the action
// NOTE(review): reconstruct is a serialized copy of the changed record, so history rows can be
// as sensitive as the table named in target — confirm read access and retention match, and
// that whatever deserializes the blob treats it as untrusted input.
156 reconstruct blob, // serialized form of the target
157 // detail Map<varchar, varchar>, // additional information
160 CREATE INDEX history_yr_mon ON history(yr_mon); // secondary index: find history rows by yr_mon
161 CREATE INDEX history_user ON history(user); // secondary index: find history rows by user
162 CREATE INDEX history_subject ON history(subject); // secondary index: find history rows by subject
165 // A place to hold objects to be created at a future time.
167 CREATE TABLE future (
169 target varchar, // Target Table
170 memo varchar, // Description
171 start timestamp, // When it should take effect
172 expires timestamp, // When no longer valid
// NOTE(review): construct describes an object that will be created later, so a write to this
// table is a deferred write to the table named in target. Presumably the consumer checks
// start/expires and the approval state before applying it — confirm.
173 construct blob, // How to construct this object (like History)
176 CREATE INDEX future_idx ON future(target); // secondary index: find future rows by target
177 CREATE INDEX future_start_idx ON future(start); // secondary index: find future rows by start
180 CREATE TABLE approval (
181 id timeuuid, // unique Key
182 ticket uuid, // Link to Future Record
183 user varchar, // the user who needs to be approved
184 approver varchar, // user approving
185 type varchar, // approver types, e.g. Supervisor, Owner
// NOTE(review): status is a free-form varchar; the schema does not restrict it to the three
// values listed, so readers should treat any other value as not approved.
186 status varchar, // approval status: pending, approved, denied
187 memo varchar, // Text for Approval to know what's going on
188 operation varchar, // List operation to perform
191 CREATE INDEX appr_approver_idx ON approval(approver); // secondary index: find approvals by approver
192 CREATE INDEX appr_user_idx ON approval(user); // secondary index: find approvals by user
193 CREATE INDEX appr_ticket_idx ON approval(ticket); // secondary index: find approvals by ticket
194 CREATE INDEX appr_status_idx ON approval(status); // secondary index: find approvals by status
196 CREATE TABLE delegate (
202 CREATE INDEX delg_delg_idx ON delegate(delegate); // secondary index: find delegate rows by the delegate column
205 // Used by authz-batch processes to ensure only 1 runs at a time
207 CREATE TABLE run_lock (
// ((class)) makes class the whole partition key: at most one lock row per class value.
// NOTE(review): the table only provides the row; mutual exclusion depends on how it is
// written — presumably a conditional insert (IF NOT EXISTS) — confirm in the batch code.
211 PRIMARY KEY ((class))