1 <!-- Used by AAF (ATT inc 2013) -->
3 xmlns:xs="http://www.w3.org/2001/XMLSchema"
4 xmlns:aaf="urn:aaf:v2_0"
5 targetNamespace="urn:aaf:v2_0"
6 elementFormDefault="qualified">
9 June 2, 2017, adding Roles, Perms, etc to NSRequest for Onboarding purposes.
11 Note: jan 22, 2015. Deprecating the "force" element in the "Request" Structure. Do that
18 Note: This Error Structure has been made to conform to the AT&T TSS Policies
20 <xs:element name="error">
24 Unique message identifier of the format ‘ABCnnnn’ where ‘ABC’ is
25 either ‘SVC’ for Service Exceptions or ‘POL’ for Policy Exception.
26 Exception numbers may be in the range of 0001 to 9999 where :
27 * 0001 to 0199 are reserved for common exception messages
28 * 0200 to 0999 are reserved for Parlay Web Services specification use
29 * 1000-9999 are available for exceptions
31 <xs:element name="messageId" type="xs:string" minOccurs="1" maxOccurs="1"/>
34 Message text, with replacement
35 variables marked with %n, where n is
36 an index into the list of <variables>
37 elements, starting at 1
39 <xs:element name="text" type="xs:string" minOccurs="1" maxOccurs="1"/>
42 List of zero or more strings that
43 represent the contents of the variables
44 used by the message text. -->
45 <xs:element name="variables" type="xs:string" minOccurs="0" maxOccurs="unbounded" />
53 <xs:complexType name="Request">
55 <xs:element name="start" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
56 <xs:element name="end" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
57 <!-- Deprecated. Use Query Command
58 <xs:element name="force" type="xs:string" minOccurs="1" maxOccurs="1" default="false"/>
66 <xs:element name="keys">
69 <xs:element name="key" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
78 <xs:complexType name = "pkey">
80 <xs:element name="type" type="xs:string"/>
81 <xs:element name="instance" type="xs:string"/>
82 <xs:element name="action" type="xs:string"/>
86 <xs:element name="permKey">
89 <xs:extension base="aaf:pkey" />
94 <xs:element name="perm">
97 <xs:extension base="aaf:pkey">
99 <xs:element name="roles" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
100 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
101 <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
102 <!-- This data not filled in unless Requested -->
103 <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
110 <xs:element name="perms">
113 <xs:element ref="aaf:perm" minOccurs="0" maxOccurs="unbounded"/>
118 <xs:element name="permRequest">
121 <xs:extension base="aaf:Request">
123 <xs:element name="type" type="xs:string"/>
124 <xs:element name="instance" type="xs:string"/>
125 <xs:element name="action" type="xs:string"/>
126 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
127 <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
138 <xs:complexType name="rkey">
140 <xs:element name="name" type="xs:string"/>
144 <xs:element name="roleKey">
147 <xs:extension base="aaf:rkey" />
152 <xs:element name="role">
155 <xs:extension base="aaf:rkey">
157 <xs:element name="perms" type="aaf:pkey" minOccurs="0" maxOccurs="unbounded"/>
158 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
159 <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
160 <!-- This data not filled in unless Requested -->
161 <xs:element name="ns" type="xs:string" minOccurs="0" maxOccurs="1"/>
168 <xs:element name="roles">
171 <xs:element ref="aaf:role" minOccurs="0" maxOccurs="unbounded"/>
176 <xs:element name="roleRequest">
179 <xs:extension base="aaf:Request">
181 <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
182 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
183 <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
190 <!-- Added userRole return types jg1555 9/16/2015 -->
191 <xs:element name="userRole">
194 <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
195 <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
196 <xs:element name="expires" type="xs:date" minOccurs="1" maxOccurs="1" />
201 <!-- Added userRoles return types jg1555 9/16/2015 -->
202 <xs:element name="userRoles">
205 <xs:element ref="aaf:userRole" minOccurs="0" maxOccurs="unbounded"/>
210 <xs:element name="userRoleRequest">
213 <xs:extension base="aaf:Request">
215 <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
216 <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
223 <xs:element name="rolePermRequest">
226 <xs:extension base="aaf:Request">
228 <xs:element name="perm" type="aaf:pkey" minOccurs="1" maxOccurs="1"/>
229 <xs:element name="role" type="xs:string" minOccurs="1" maxOccurs="1"/>
236 <xs:element name="nsRequest">
239 <xs:extension base="aaf:Request">
241 <xs:element name="name" type="xs:string" minOccurs="1" maxOccurs="1"/>
242 <xs:element name="admin" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
243 <xs:element name="responsible" type="xs:string" minOccurs="1" maxOccurs="unbounded"/>
244 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
245 <xs:element name="description" type="xs:string" minOccurs="0" maxOccurs="1"/>
246 <!-- Note: dec 11, 2015. Request-able NS Type JG -->
247 <xs:element name="type" type="xs:string" minOccurs="0" maxOccurs="1"/>
249 <!-- "scope" is deprecated and unused as of AAF 2.0.11. It will be removed in future versions
250 <xs:element name="scope" type="xs:int" minOccurs="0" maxOccurs="1"/>
253 <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
254 <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
255 <xs:element name="aaf_id" type="xs:string" minOccurs="0" maxOccurs="1"/>
256 <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
257 <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
260 <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
261 <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
274 <xs:element name="nsAttribRequest">
277 <xs:extension base="aaf:Request">
279 <xs:element name="ns" type="xs:string" minOccurs="1" maxOccurs="1"/>
280 <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
283 <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
284 <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
294 <xs:element name = "nss">
297 <xs:element name = "ns" minOccurs="0" maxOccurs="unbounded">
300 <xs:element name = "name" type = "xs:string" minOccurs="1" maxOccurs="1"/>
301 <xs:element name = "responsible" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
302 <xs:element name = "admin" type = "xs:string" minOccurs="0" maxOccurs="unbounded"/>
303 <!-- Note: feb 23, 2015. Added description field. Verify backward compatibility. JR -->
304 <xs:element name = "description" type = "xs:string" minOccurs="0" maxOccurs="1"/>
305 <!-- Note: Dec 16, 2015. Added description field. Verify backward compatibility. JG -->
306 <xs:element name = "attrib" minOccurs="0" maxOccurs="unbounded">
309 <xs:element name = "key" type="xs:string" minOccurs="1" maxOccurs="1"/>
310 <xs:element name = "value" type="xs:string" minOccurs="0" maxOccurs="1"/>
324 <xs:element name="users">
327 <xs:element name="user" minOccurs="0" maxOccurs="unbounded">
330 <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
331 <!-- Changed type to dateTime, because of importance of Certs -->
332 <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
333 <!-- need to differentiate User Cred Types, jg1555 5/20/2015
334 This Return Object is shared by multiple functions:
335 Type is not returned for "UserRole", but only "Cred"
337 <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1" />
347 Added jg1555 5/20/2015 to support identifying Certificate based Services
349 <xs:element name="certs">
352 <xs:element name="cert" minOccurs="0" maxOccurs="unbounded">
355 <xs:element name="id" type="xs:string" minOccurs="1" maxOccurs="1" />
356 <xs:element name="x500" type="xs:string" minOccurs="1" maxOccurs="1" />
357 <xs:element name="expires" type="xs:dateTime" minOccurs="1" maxOccurs="1" />
358 <xs:element name="fingerprint" type="xs:hexBinary" minOccurs="1" maxOccurs="1" />
369 <xs:element name="credRequest">
372 <xs:extension base="aaf:Request">
374 <xs:element name="id" type="xs:string"/>
375 <xs:element name="type" type="xs:int" minOccurs="0" maxOccurs="1"/>
377 <xs:element name="password" type="xs:string" />
378 <xs:element name="entry" type="xs:string" />
390 <xs:element name="multiRequest">
393 <xs:extension base="aaf:Request">
395 <xs:element ref="aaf:nsRequest" minOccurs="0" maxOccurs="1"/>
396 <xs:element ref="aaf:nsAttribRequest" minOccurs="0" maxOccurs="unbounded"/>
397 <xs:element ref="aaf:roleRequest" minOccurs="0" maxOccurs="unbounded"/>
398 <xs:element ref="aaf:permRequest" minOccurs="0" maxOccurs="unbounded"/>
399 <xs:element ref="aaf:credRequest" minOccurs="0" maxOccurs="unbounded"/>
400 <xs:element ref="aaf:userRoleRequest" minOccurs="0" maxOccurs="unbounded"/>
401 <xs:element ref="aaf:rolePermRequest" minOccurs="0" maxOccurs="unbounded"/>
411 <xs:element name="history">
414 <xs:element name="item" minOccurs="0" maxOccurs="unbounded">
417 <xs:element name="YYYYMM" type="xs:string" minOccurs="1" maxOccurs="1"/>
418 <xs:element name="timestamp" type="xs:dateTime" minOccurs="1" maxOccurs="1"/>
419 <xs:element name="subject" type="xs:string" minOccurs="1" maxOccurs="1"/>
420 <xs:element name="target" type = "xs:string" minOccurs="1" maxOccurs="1"/>
421 <xs:element name="action" type="xs:string" minOccurs="1" maxOccurs="1"/>
422 <xs:element name="memo" type="xs:string" minOccurs="1" maxOccurs="1"/>
423 <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
434 <xs:complexType name="approval">
436 <!-- Note, id is set by system -->
437 <xs:element name="id" type="xs:string" minOccurs="0" maxOccurs="1"/>
438 <xs:element name="ticket" type="xs:string"/>
439 <xs:element name="user" type="xs:string"/>
440 <xs:element name="approver" type="xs:string"/>
441 <xs:element name="type" type="xs:string"/>
442 <xs:element name="memo" type="xs:string"/>
443 <xs:element name="updated" type="xs:dateTime"/>
444 <xs:element name="status">
446 <xs:restriction base="xs:string">
447 <xs:enumeration value="approve"/>
448 <xs:enumeration value="reject"/>
449 <xs:enumeration value="pending"/>
453 <xs:element name="operation">
455 <xs:restriction base="xs:string">
456 <xs:enumeration value="C"/>
457 <xs:enumeration value="U"/>
458 <xs:enumeration value="D"/>
459 <xs:enumeration value="G"/>
460 <xs:enumeration value="UG"/>
466 <xs:element name="approvals">
469 <xs:element name="approvals" type="aaf:approval" minOccurs="1" maxOccurs="unbounded"/>
477 <xs:complexType name="delg">
479 <xs:element name="user" type="xs:string"/>
480 <xs:element name="delegate" type="xs:string"/>
481 <xs:element name="expires" type="xs:date"/>
485 <xs:element name="delgRequest">
488 <xs:extension base="aaf:Request">
490 <xs:element name="user" type="xs:string" minOccurs="1" maxOccurs="1"/>
491 <xs:element name="delegate" type="xs:string" minOccurs="1" maxOccurs="1"/>
498 <xs:element name="delgs">
501 <xs:element name="delgs" type="aaf:delg" minOccurs="0" maxOccurs="unbounded"/>
506 <!-- jg 3/11/2015 New for 2.0.8 -->
507 <xs:element name="api">
510 <xs:element name="route" minOccurs="0" maxOccurs="unbounded">
513 <xs:element name="meth" type="xs:string" minOccurs="1" maxOccurs="1"/>
514 <xs:element name="path" type="xs:string" minOccurs="1" maxOccurs="1"/>
515 <xs:element name="param" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
516 <xs:element name="desc" type="xs:string" minOccurs="1" maxOccurs="1"/>
517 <xs:element name="comments" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
518 <xs:element name="contentType" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
519 <xs:element name="expected" type="xs:int" minOccurs="1" maxOccurs="1"/>
520 <xs:element name="explicitErr" type="xs:int" minOccurs="0" maxOccurs="unbounded"/>
Code Review / aaf / authz.git / blob