xref: /openbmc/bmcweb/redfish-core/schema/dmtf/json-schema/PrivilegeRegistry.v1_2_0.json (revision 5ecf7b4e1bb6988dd3403fa80b723afbe2be30ae)
1{
2    "$id": "http://redfish.dmtf.org/schemas/v1/PrivilegeRegistry.v1_2_0.json",
3    "$ref": "#/definitions/PrivilegeRegistry",
4    "$schema": "http://redfish.dmtf.org/schemas/v1/redfish-schema-v1.json",
5    "copyright": "Copyright 2014-2025 DMTF. For the full DMTF copyright policy, see http://www.dmtf.org/about/policies/copyright",
6    "definitions": {
7        "Actions": {
8            "additionalProperties": false,
9            "description": "The available actions for this resource.",
10            "longDescription": "This type shall contain the available actions for this resource.",
11            "patternProperties": {
12                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
13                    "description": "This property shall specify a valid odata or Redfish property.",
14                    "type": [
15                        "array",
16                        "boolean",
17                        "integer",
18                        "number",
19                        "null",
20                        "object",
21                        "string"
22                    ]
23                }
24            },
25            "properties": {
26                "Oem": {
27                    "$ref": "#/definitions/OemActions",
28                    "description": "The available OEM-specific actions for this resource.",
29                    "longDescription": "This property shall contain the available OEM-specific actions for this resource.",
30                    "versionAdded": "v1_1_0"
31                }
32            },
33            "type": "object"
34        },
35        "Mapping": {
36            "additionalProperties": false,
37            "description": "The mapping between a resource type and the relevant privileges that accesses the resource.",
38            "longDescription": "This type shall describe a mapping between a resource type and the relevant privileges that accesses the resource.",
39            "patternProperties": {
40                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
41                    "description": "This property shall specify a valid odata or Redfish property.",
42                    "type": [
43                        "array",
44                        "boolean",
45                        "integer",
46                        "number",
47                        "null",
48                        "object",
49                        "string"
50                    ]
51                }
52            },
53            "properties": {
54                "Entity": {
55                    "description": "The resource name, such as `Manager`.",
56                    "longDescription": "This property shall contain the resource name, such as `Manager`.",
57                    "readonly": true,
58                    "type": "string"
59                },
60                "OperationMap": {
61                    "$ref": "#/definitions/OperationMap",
62                    "description": "List mapping between HTTP methods and privilege required for the resource.",
63                    "longDescription": "This property shall list the mapping between HTTP methods and the privilege required for the resource."
64                },
65                "PropertyOverrides": {
66                    "description": "The privilege overrides of properties within a resource.",
67                    "items": {
68                        "$ref": "#/definitions/Target_PrivilegeMap"
69                    },
70                    "longDescription": "This property shall contain the privilege overrides of properties, such as the `Password` property in the `ManagerAccount` resource.",
71                    "type": "array"
72                },
73                "ResourceURIOverrides": {
74                    "description": "The privilege overrides of resource URIs.",
75                    "items": {
76                        "$ref": "#/definitions/Target_PrivilegeMap"
77                    },
78                    "longDescription": "This property shall contain the privilege overrides of resource URIs.  The target lists the resource URI and the new privileges.",
79                    "type": "array"
80                },
81                "SubordinateOverrides": {
82                    "description": "The privilege overrides of the subordinate resource.",
83                    "items": {
84                        "$ref": "#/definitions/Target_PrivilegeMap"
85                    },
86                    "longDescription": "This property shall contain the privilege overrides of the subordinate resource.  The target lists are identified by resource type.",
87                    "type": "array"
88                }
89            },
90            "type": "object"
91        },
92        "OemActions": {
93            "additionalProperties": true,
94            "description": "The available OEM-specific actions for this resource.",
95            "longDescription": "This type shall contain the available OEM-specific actions for this resource.",
96            "patternProperties": {
97                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
98                    "description": "This property shall specify a valid odata or Redfish property.",
99                    "type": [
100                        "array",
101                        "boolean",
102                        "integer",
103                        "number",
104                        "null",
105                        "object",
106                        "string"
107                    ]
108                }
109            },
110            "properties": {},
111            "type": "object"
112        },
113        "OperationMap": {
114            "additionalProperties": false,
115            "description": "The specific privileges required to complete a set of HTTP operations.",
116            "longDescription": "This type shall describe the specific privileges required to complete a set of HTTP operations.",
117            "patternProperties": {
118                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
119                    "description": "This property shall specify a valid odata or Redfish property.",
120                    "type": [
121                        "array",
122                        "boolean",
123                        "integer",
124                        "number",
125                        "null",
126                        "object",
127                        "string"
128                    ]
129                }
130            },
131            "properties": {
132                "DELETE": {
133                    "description": "The privilege required to complete an HTTP `DELETE` operation.",
134                    "items": {
135                        "$ref": "#/definitions/OperationPrivilege"
136                    },
137                    "longDescription": "This property shall contain the privilege required to complete an HTTP `DELETE` operation.",
138                    "type": "array"
139                },
140                "GET": {
141                    "description": "The privilege required to complete an HTTP `GET` operation.",
142                    "items": {
143                        "$ref": "#/definitions/OperationPrivilege"
144                    },
145                    "longDescription": "This property shall contain the privilege required to complete an HTTP `GET` operation.",
146                    "type": "array"
147                },
148                "HEAD": {
149                    "description": "The privilege required to complete an HTTP `HEAD` operation.",
150                    "items": {
151                        "$ref": "#/definitions/OperationPrivilege"
152                    },
153                    "longDescription": "This property shall contain the privilege required to complete an HTTP `HEAD` operation.",
154                    "type": "array"
155                },
156                "PATCH": {
157                    "description": "The privilege required to complete an HTTP `PATCH` operation.",
158                    "items": {
159                        "$ref": "#/definitions/OperationPrivilege"
160                    },
161                    "longDescription": "This property shall contain the privilege required to complete an HTTP `PATCH` operation.",
162                    "type": "array"
163                },
164                "POST": {
165                    "description": "The privilege required to complete an HTTP `POST` operation.",
166                    "items": {
167                        "$ref": "#/definitions/OperationPrivilege"
168                    },
169                    "longDescription": "This property shall contain the privilege required to complete an HTTP `POST` operation.",
170                    "type": "array"
171                },
172                "PUT": {
173                    "description": "The privilege required to complete an HTTP `PUT` operation.",
174                    "items": {
175                        "$ref": "#/definitions/OperationPrivilege"
176                    },
177                    "longDescription": "This property shall contain the privilege required to complete an HTTP `PUT` operation.",
178                    "type": "array"
179                }
180            },
181            "type": "object"
182        },
183        "OperationPrivilege": {
184            "additionalProperties": false,
185            "description": "The privileges for a specific HTTP operation.",
186            "longDescription": "This type shall describe the privileges required to complete a specific HTTP operation.",
187            "patternProperties": {
188                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
189                    "description": "This property shall specify a valid odata or Redfish property.",
190                    "type": [
191                        "array",
192                        "boolean",
193                        "integer",
194                        "number",
195                        "null",
196                        "object",
197                        "string"
198                    ]
199                }
200            },
201            "properties": {
202                "Privilege": {
203                    "description": "An array of privileges that are required to complete a specific HTTP operation on a resource.",
204                    "items": {
205                        "type": "string"
206                    },
207                    "longDescription": "This array shall contain an array of privileges that are required to complete a specific HTTP operation on a resource.  This set of strings match zero or more strings in the `PrivilegesUsed` and `OEMPrivilegesUsed` properties.",
208                    "readonly": true,
209                    "type": "array"
210                }
211            },
212            "type": "object"
213        },
214        "PrivilegeRegistry": {
215            "additionalProperties": false,
216            "description": "The `PrivilegeRegistry` schema describes the operation-to-privilege mappings.",
217            "longDescription": "This resource shall contain operation-to-privilege mappings.",
218            "patternProperties": {
219                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
220                    "description": "This property shall specify a valid odata or Redfish property.",
221                    "type": [
222                        "array",
223                        "boolean",
224                        "integer",
225                        "number",
226                        "null",
227                        "object",
228                        "string"
229                    ]
230                }
231            },
232            "properties": {
233                "@odata.type": {
234                    "$ref": "http://redfish.dmtf.org/schemas/v1/odata-v4.json#/definitions/type"
235                },
236                "Actions": {
237                    "$ref": "#/definitions/Actions",
238                    "description": "The available actions for this resource.",
239                    "longDescription": "This property shall contain the available actions for this resource.",
240                    "versionAdded": "v1_1_0"
241                },
242                "Description": {
243                    "anyOf": [
244                        {
245                            "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Description"
246                        },
247                        {
248                            "type": "null"
249                        }
250                    ],
251                    "readonly": true
252                },
253                "Id": {
254                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Id",
255                    "readonly": true
256                },
257                "Mappings": {
258                    "description": "The mappings between entities and the relevant privileges that access those entities.",
259                    "items": {
260                        "$ref": "#/definitions/Mapping"
261                    },
262                    "longDescription": "This property shall describe the mappings between entities and the relevant privileges that access those entities.",
263                    "type": "array"
264                },
265                "Name": {
266                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Name",
267                    "readonly": true
268                },
269                "OEMPrivilegeDescriptions": {
270                    "description": "The descriptions of the OEM privileges used in this mapping.",
271                    "items": {
272                        "type": "string"
273                    },
274                    "longDescription": "This property shall contain an array of the descriptions of the values of the `OEMPrivilegesUsed` property.  The order of this array shall match the order of the `OEMPrivilegesUsed` property.",
275                    "readonly": true,
276                    "type": "array",
277                    "versionAdded": "v1_2_0"
278                },
279                "OEMPrivilegesUsed": {
280                    "description": "The set of OEM privileges used in this mapping.",
281                    "items": {
282                        "type": "string"
283                    },
284                    "longDescription": "This property shall contain an array of OEM privileges used in this mapping.",
285                    "readonly": true,
286                    "type": "array"
287                },
288                "Oem": {
289                    "$ref": "http://redfish.dmtf.org/schemas/v1/Resource.json#/definitions/Oem",
290                    "description": "The OEM extension property.",
291                    "longDescription": "This property shall contain the OEM extensions.  All values for properties that this object contains shall conform to the Redfish Specification-described requirements."
292                },
293                "PrivilegesUsed": {
294                    "description": "The set of Redfish standard privileges used in this mapping.",
295                    "items": {
296                        "$ref": "http://redfish.dmtf.org/schemas/v1/Privileges.json#/definitions/PrivilegeType"
297                    },
298                    "longDescription": "This property shall contain an array of Redfish standard privileges used in this mapping.",
299                    "readonly": true,
300                    "type": "array"
301                }
302            },
303            "required": [
304                "@odata.type",
305                "Id",
306                "Name"
307            ],
308            "type": "object"
309        },
310        "Target_PrivilegeMap": {
311            "additionalProperties": false,
312            "description": "This type describes a mapping between one or more targets and the HTTP operations associated with them.",
313            "longDescription": "This type shall describe a mapping between one or more targets and the HTTP operations associated with them.",
314            "patternProperties": {
315                "^([a-zA-Z_][a-zA-Z0-9_]*)?@(odata|Redfish|Message)\\.[a-zA-Z_][a-zA-Z0-9_]*$": {
316                    "description": "This property shall specify a valid odata or Redfish property.",
317                    "type": [
318                        "array",
319                        "boolean",
320                        "integer",
321                        "number",
322                        "null",
323                        "object",
324                        "string"
325                    ]
326                }
327            },
328            "properties": {
329                "OperationMap": {
330                    "$ref": "#/definitions/OperationMap",
331                    "description": "The mapping between the HTTP operation and the privilege required to complete the operation.",
332                    "longDescription": "This property shall contain the mapping between the HTTP operation and the privilege required to complete the operation."
333                },
334                "Targets": {
335                    "description": "The set of URIs, resource types, or properties.",
336                    "items": {
337                        "type": [
338                            "string",
339                            "null"
340                        ]
341                    },
342                    "longDescription": "This property shall contain the array of URIs, resource types, or properties.  For example, `/redfish/v1/Systems/1`, `Manager`, or `Password`.  When the `Targets` property is not present, no override is specified.",
343                    "readonly": true,
344                    "type": "array"
345                }
346            },
347            "type": "object"
348        }
349    },
350    "language": "en",
351    "owningEntity": "DMTF",
352    "release": "2025.3",
353    "title": "#PrivilegeRegistry.v1_2_0.PrivilegeRegistry"
354}