authz.json (92566947b3ac5ca75f91a34acb188219c455fc71) | authz.json (a937b6aa739f65f2cae2ad9a7eb65a309ad2a359) |
---|---|
1# -*- Mode: Python -*- 2# vim: filetype=python 3 4## 5# = User authorization 6## 7 8## 9# @QAuthZListPolicy: 10# 11# The authorization policy result 12# 13# @deny: deny access | 1# -*- Mode: Python -*- 2# vim: filetype=python 3 4## 5# = User authorization 6## 7 8## 9# @QAuthZListPolicy: 10# 11# The authorization policy result 12# 13# @deny: deny access |
14# |
|
14# @allow: allow access 15# 16# Since: 4.0 17## 18{ 'enum': 'QAuthZListPolicy', 19 'prefix': 'QAUTHZ_LIST_POLICY', 20 'data': ['deny', 'allow']} 21 22## 23# @QAuthZListFormat: 24# 25# The authorization policy match format 26# 27# @exact: an exact string match | 15# @allow: allow access 16# 17# Since: 4.0 18## 19{ 'enum': 'QAuthZListPolicy', 20 'prefix': 'QAUTHZ_LIST_POLICY', 21 'data': ['deny', 'allow']} 22 23## 24# @QAuthZListFormat: 25# 26# The authorization policy match format 27# 28# @exact: an exact string match |
29# |
|
28# @glob: string with ? and * shell wildcard support 29# 30# Since: 4.0 31## 32{ 'enum': 'QAuthZListFormat', 33 'prefix': 'QAUTHZ_LIST_FORMAT', 34 'data': ['exact', 'glob']} 35 36## 37# @QAuthZListRule: 38# 39# A single authorization rule. 40# 41# @match: a string or glob to match against a user identity | 30# @glob: string with ? and * shell wildcard support 31# 32# Since: 4.0 33## 34{ 'enum': 'QAuthZListFormat', 35 'prefix': 'QAUTHZ_LIST_FORMAT', 36 'data': ['exact', 'glob']} 37 38## 39# @QAuthZListRule: 40# 41# A single authorization rule. 42# 43# @match: a string or glob to match against a user identity |
44# |
|
42# @policy: the result to return if @match evaluates to true | 45# @policy: the result to return if @match evaluates to true |
46# |
|
43# @format: the format of the @match rule (default 'exact') 44# 45# Since: 4.0 46## 47{ 'struct': 'QAuthZListRule', 48 'data': {'match': 'str', 49 'policy': 'QAuthZListPolicy', 50 '*format': 'QAuthZListFormat'}} 51 52## 53# @AuthZListProperties: 54# 55# Properties for authz-list objects. 56# | 47# @format: the format of the @match rule (default 'exact') 48# 49# Since: 4.0 50## 51{ 'struct': 'QAuthZListRule', 52 'data': {'match': 'str', 53 'policy': 'QAuthZListPolicy', 54 '*format': 'QAuthZListFormat'}} 55 56## 57# @AuthZListProperties: 58# 59# Properties for authz-list objects. 60# |
57# @policy: Default policy to apply when no rule matches (default: deny) | 61# @policy: Default policy to apply when no rule matches (default: 62# deny) |
58# 59# @rules: Authorization rules based on matching user 60# 61# Since: 4.0 62## 63{ 'struct': 'AuthZListProperties', 64 'data': { '*policy': 'QAuthZListPolicy', 65 '*rules': ['QAuthZListRule'] } } 66 67## 68# @AuthZListFileProperties: 69# 70# Properties for authz-listfile objects. 71# | 63# 64# @rules: Authorization rules based on matching user 65# 66# Since: 4.0 67## 68{ 'struct': 'AuthZListProperties', 69 'data': { '*policy': 'QAuthZListPolicy', 70 '*rules': ['QAuthZListRule'] } } 71 72## 73# @AuthZListFileProperties: 74# 75# Properties for authz-listfile objects. 76# |
72# @filename: File name to load the configuration from. The file must 73# contain valid JSON for AuthZListProperties. | 77# @filename: File name to load the configuration from. The file must 78# contain valid JSON for AuthZListProperties. |
74# | 79# |
75# @refresh: If true, inotify is used to monitor the file, automatically 76# reloading changes. If an error occurs during reloading, all 77# authorizations will fail until the file is next successfully 78# loaded. (default: true if the binary was built with 79# CONFIG_INOTIFY1, false otherwise) | 80# @refresh: If true, inotify is used to monitor the file, 81# automatically reloading changes. If an error occurs during 82# reloading, all authorizations will fail until the file is next 83# successfully loaded. (default: true if the binary was built 84# with CONFIG_INOTIFY1, false otherwise) |
80# 81# Since: 4.0 82## 83{ 'struct': 'AuthZListFileProperties', 84 'data': { 'filename': 'str', 85 '*refresh': 'bool' } } 86 87## --- 8 unchanged lines hidden (view full) --- 96{ 'struct': 'AuthZPAMProperties', 97 'data': { 'service': 'str' } } 98 99## 100# @AuthZSimpleProperties: 101# 102# Properties for authz-simple objects. 103# | 85# 86# Since: 4.0 87## 88{ 'struct': 'AuthZListFileProperties', 89 'data': { 'filename': 'str', 90 '*refresh': 'bool' } } 91 92## --- 8 unchanged lines hidden (view full) --- 101{ 'struct': 'AuthZPAMProperties', 102 'data': { 'service': 'str' } } 103 104## 105# @AuthZSimpleProperties: 106# 107# Properties for authz-simple objects. 108# |
104# @identity: Identifies the allowed user. Its format depends on the network 105# service that authorization object is associated with. For 106# authorizing based on TLS x509 certificates, the identity must be 107# the x509 distinguished name. | 109# @identity: Identifies the allowed user. Its format depends on the 110# network service that authorization object is associated with. 111# For authorizing based on TLS x509 certificates, the identity 112# must be the x509 distinguished name. |
108# 109# Since: 4.0 110## 111{ 'struct': 'AuthZSimpleProperties', 112 'data': { 'identity': 'str' } } | 113# 114# Since: 4.0 115## 116{ 'struct': 'AuthZSimpleProperties', 117 'data': { 'identity': 'str' } } |
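Review bot: The reflowed `@rules` description in `AuthZListProperties` still does not say how overlapping rules are resolved, which matters because one list can mix `deny` and `allow` entries with `glob` patterns. If the list is evaluated in order and the first matching rule decides the result (this is what the `@policy` wording "when no rule matches" suggests, but confirm against the implementation), I would state it: `# @rules: Authorization rules based on matching user, evaluated in list order; the first matching rule decides the result`. In the same pass, `@glob` says only "string with ? and * shell wildcard support". A sentence on whether `*` may span the component separators of an x509 distinguished name would help people writing allow rules avoid patterns that match more identities than intended.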