1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
|
{
"$id": "http://redfish.dmtf.org/schemas/v1/PrivilegeRegistry.v1_1_4.json",
"$ref": "#/definitions/PrivilegeRegistry",
"$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
"copyright": "Copyright 2014-2019 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
"definitions": {
"Actions": {
"additionalProperties": false,
"description": "The available actions for this Resource.",
"longDescription": "This type shall contain the available actions for this Resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"Oem": {
"$ref": "#/definitions/OemActions",
"description": "The available OEM-specific actions for this Resource.",
"longDescription": "This property shall contain the available OEM-specific actions for this Resource.",
"versionAdded": "v1_1_0"
}
},
"type": "object"
},
"Mapping": {
"additionalProperties": false,
"description": "The mapping between a Resource type and the relevant privileges that accesses the Resource.",
"longDescription": "This type shall describe a mapping between a Resource type and the relevant privileges that accesses the Resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"Entity": {
"description": "The Resource name, such as `Manager`.",
"longDescription": "This property shall contain the Resource name, such as `Manager`.",
"readonly": true,
"type": "string"
},
"OperationMap": {
"$ref": "#/definitions/OperationMap",
"description": "List mapping between HTTP methods and privilege required for the Resource.",
"longDescription": "This property shall list the mapping between HTTP methods and the privilege required for the Resource."
},
"PropertyOverrides": {
"description": "The privilege overrides of properties within a Resource.",
"items": {
"$ref": "#/definitions/Target_PrivilegeMap"
},
"longDescription": "This property shall contain the privilege overrides of properties, such as the `Password` property in the `ManagerAccount` Resource.",
"type": "array"
},
"ResourceURIOverrides": {
"description": "The privilege overrides of Resource URIs.",
"items": {
"$ref": "#/definitions/Target_PrivilegeMap"
},
"longDescription": "This property shall contain the privilege overrides of Resource URIs. The target lists the Resource URI and the new privileges.",
"type": "array"
},
"SubordinateOverrides": {
"description": "The privilege overrides of the subordinate Resource.",
"items": {
"$ref": "#/definitions/Target_PrivilegeMap"
},
"longDescription": "This property shall contain the privilege overrides of the subordinate Resource. The target lists are identified by Resource type.",
"type": "array"
}
},
"type": "object"
},
"OemActions": {
"additionalProperties": true,
"description": "The available OEM-specific actions for this Resource.",
"longDescription": "This type shall contain the available OEM-specific actions for this Resource.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {},
"type": "object"
},
"OperationMap": {
"additionalProperties": false,
"description": "The specific privileges required to complete a set of HTTP operations.",
"longDescription": "This type shall describe the specific privileges required to complete a set of HTTP operations.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"DELETE": {
"description": "The privilege required to complete an HTTP DELETE operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP DELETE operation.",
"type": "array"
},
"GET": {
"description": "The privilege required to complete an HTTP GET operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP GET operation.",
"type": "array"
},
"HEAD": {
"description": "The privilege required to complete an HTTP HEAD operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP HEAD operation.",
"type": "array"
},
"PATCH": {
"description": "The privilege required to complete an HTTP PATCH operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP PATCH operation.",
"type": "array"
},
"POST": {
"description": "The privilege required to complete an HTTP POST operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP POST operation.",
"type": "array"
},
"PUT": {
"description": "The privilege required to complete an HTTP PUT operation.",
"items": {
"$ref": "#/definitions/OperationPrivilege"
},
"longDescription": "This property shall contain the privilege required to complete an HTTP PUT operation.",
"type": "array"
}
},
"type": "object"
},
"OperationPrivilege": {
"additionalProperties": false,
"description": "The privileges for a specific HTTP operation.",
"longDescription": "This type shall describe the privileges required to complete a specific HTTP operation.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"Privilege": {
"description": "An array of privileges that are required to complete a specific HTTP operation on a Resource.",
"items": {
"type": "string"
},
"longDescription": "This array shall contain an array of privileges that are required to complete a specific HTTP operation on a Resource. This set of strings match zero or more strings in the PrivilegesUsed and OEMPrivilegesUsed properties.",
"readonly": true,
"type": "array"
}
},
"type": "object"
},
"PrivilegeRegistry": {
"additionalProperties": false,
"description": "The PrivilegeRegistry schema describes the operation-to-privilege mappings.",
"longDescription": "This Resource contains operation-to-privilege mappings.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"@odata.type": {
"$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type"
},
"Actions": {
"$ref": "#/definitions/Actions",
"description": "The available actions for this Resource.",
"longDescription": "This property shall contain the available actions for this Resource.",
"versionAdded": "v1_1_0"
},
"Description": {
"anyOf": [
{
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description"
},
{
"type": "null"
}
],
"readonly": true
},
"Id": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id",
"readonly": true
},
"Mappings": {
"description": "The mappings between entities and the relevant privileges that access those entities.",
"items": {
"$ref": "#/definitions/Mapping"
},
"longDescription": "This property shall describe the mappings between entities and the relevant privileges that access those entities.",
"type": "array"
},
"Name": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
"readonly": true
},
"OEMPrivilegesUsed": {
"description": "The set of OEM privileges used in this mapping.",
"items": {
"type": "string"
},
"longDescription": "This property shall contain an array of OEM privileges used in this mapping.",
"readonly": true,
"type": "array"
},
"Oem": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
"description": "The OEM extension property.",
"longDescription": "This property shall contain the OEM extensions. All values for properties that this object contains shall conform to the Redfish Specification-described requirements."
},
"PrivilegesUsed": {
"description": "The set of Redfish standard privileges used in this mapping.",
"items": {
"$ref": "http://redfish.dmtf.org/schemas/v1/Privileges.json#/definitions/PrivilegeType"
},
"longDescription": "This property shall contain an array of Redfish standard privileges used in this mapping.",
"readonly": true,
"type": "array"
}
},
"required": [
"@odata.type",
"Id",
"Name"
],
"type": "object"
},
"Target_PrivilegeMap": {
"additionalProperties": false,
"description": "This type describes a mapping between one or more targets and the HTTP operations associated with them.",
"longDescription": "This type shall describe a mapping between one or more targets and the HTTP operations associated with them.",
"patternProperties": {
"^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
"description": "This property shall specify a valid odata or Redfish property.",
"type": [
"array",
"boolean",
"integer",
"number",
"null",
"object",
"string"
]
}
},
"properties": {
"OperationMap": {
"$ref": "#/definitions/OperationMap",
"description": "The mapping between the HTTP operation and the privilege required to complete the operation.",
"longDescription": "This property shall contain the mapping between the HTTP operation and the privilege required to complete the operation."
},
"Targets": {
"description": "The set of URIs, Resource types, or properties.",
"items": {
"type": [
"string",
"null"
]
},
"longDescription": "This property shall contain the array of URIs, Resource types, or properties. For example, `/redfish/v1/Systems/1`, `Manager`, or `Password`. When the Targets property is not present, no override is specified.",
"readonly": true,
"type": "array"
}
},
"type": "object"
}
},
"owningEntity": "DMTF",
"release": "2017.1",
"title": "#PrivilegeRegistry.v1_1_4.PrivilegeRegistry"
}
|
