// Copyright (c) 2005 DMTF. All rights reserved.
// Add UmlPackagePath
// qualifier values to CIM Schema.
// ==================================================================
// CIM_PrivilegeManagementService
// ==================================================================
[UMLPackagePath ( "CIM::User::PrivilegeManagementService" ),
Version ( "2.8.0" ), Description (
"The PrivilegeManagementService is responsible for creating, "
"deleting, and associating AuthorizedPrivilege instances. "
"References to 'subject' and 'target' define the entities that "
"are associated with an AuthorizedPrivilege instance via the "
"relationships, AuthorizedSubject and AuthorizedTarget, "
"respectively. When created, an AuthorizedPrivilege instance is "
"related to this (PrivilegeManagement)Service via the "
"association, ConcreteDependency.")]
class CIM_PrivilegeManagementService : CIM_AuthorizationService {
[Description (
"When this method is called, a provider updates the "
"specified Subject's rights to the Target according to the "
"parameters of this call. The rights are modeled via an "
"AuthorizedPrivilege instance. If an AuthorizedPrivilege "
"instance is created as a result of this call, it MUST be "
"linked to the Subject and Target via the AuthorizedSubject "
"and AuthorizedTarget associations, respectively. When "
"created, the AuthorizedPrivilege instance is associated to "
"this PrivilegeManagementService via ConcreteDependency. If "
"the execution of this call results in no rights between the "
"Subject and Target, then they MUST NOT be linked to a "
"particular AuthorizedPrivilege instance via "
"AuthorizedSubject and AuthorizedTarget respectively. \n"
"\n"
"Note that regardless of whether specified via parameter, or "
"template, the Activities, ActivityQualifiers and "
"QualifierFormats, are mutually indexed. Also note that "
"Subject and Target references MUST be supplied. \n"
"\n"
"The successful completion of the method SHALL create any "
"necessary AuthorizedSubject, AuthorizedTarget, "
"AuthorizedPrivilege, HostedDependency, and "
"ConcreteDependency instances."),
ValueMap { "0", "1", "2", "3", "4", "5", "6..15999", "16000",
"16001", "16002", "16003", "16004", "16005..31999",
"32000..65535" },
Values { "Success", "Not Supported", "Unspecified Error",
"Timeout", "Failed", "Invalid Parameter", "DMTF Reserved",
"Unsupported Subject", "Unsupported Privilege",
"Unsupported Target", "Authorization Error",
"NULL not supported", "Method Reserved", "Vendor Specific" }]
uint32 AssignAccess (
[Required, IN, Description (
"The Subject parameter is a reference to a ManagedElement "
"instance. This parameter MUST be supplied.")]
CIM_ManagedElement REF Subject,
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. The "
"PrivilegeGranted flag indicates whether the rights "
"defined by the parameters in this call should be granted "
"or denied to the named Subject/Target pair."),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.PrivilegeGranted",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
boolean PrivilegeGranted,
[IN, Description (
"MUST be NULL unless the Privilege is NULL on input. This "
"parameter specifies the activities to be granted or "
"denied."),
ValueMap { "1", "2", "3", "4", "5", "6", "7", "..",
"16000..65535" },
Values { "Other", "Create", "Delete", "Detect", "Read",
"Write", "Execute", "DMTF Reserved", "Vendor Reserved" },
ArrayType ( "Indexed" ),
ModelCorrespondence { "CIM_AuthorizedPrivilege.Activities",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
uint16 Activities[],
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. This "
"parameter defines the activity qualifiers for the "
"Activities to be granted or denied."),
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.ActivityQualifers",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
string ActivityQualifiers[],
[IN, Description (
"MUST be NULL unless Privilege is NULL on input. This "
"parameter defines the qualifier formats for the "
"corresponding ActivityQualifiers."),
ValueMap { "2", "3", "4", "5", "6", "7", "8", "9",
"10..15999", "16000..65535" },
Values { "Class Name", "Property", "Method",
"Object Reference", "Namespace", "URL",
"Directory/File Name", "Command Line Instruction",
"DMTF Reserved", "Vendor Reserved" },
ArrayType ( "Indexed" ),
ModelCorrespondence {
"CIM_AuthorizedPrivilege.QualifierFormats",
"CIM_PrivilegeManagementService.AssignAccess.Privilege" }]
uint16 QualifierFormats[],
[Required, IN, Description (
"The Target parameter is a reference to an instance of "
"ManagedElement. This parameter MUST be supplied.")]
CIM_ManagedElement REF Target,
[IN, OUT, Description (
"On input, this reference MUST be either NULL or refer to "
"an instance of AuthorizedPrivilege that is used as a "
"template. The rights granted by corresponding entries in "
"the Activities, ActivityQualifiers and QualifierFormats "
"array properties are applied incrementally and do not "
"affect unnamed rights. If the property, "
"PrivilegeGranted, is false, then the named rights are "
"removed. If PrivilegeGranted is True, then the named "
"rights are added. (Note that the RemoveAccess method "
"SHOULD be used to completely remove all privileges "
"between a subject and a target. On output, this property "
"references an AuthorizedPrivilege instance that "
"represents the resulting rights between the named "
"Subject and the named Target. AuthorizedPrivilege "
"instances used as a templates in this property SHOULD "
"have a HostedDependency association to the "
"PriviligeManagementService and SHOULD NOT have any "
"AuthorizedTarget or AuthorizedSubject associations to "
"it.")]
CIM_AuthorizedPrivilege REF Privilege );
[Description (
"This method revokes a specific AuthorizedPrivilege or all "
"privileges for a particular target, subject, or "
"subject/target pair. If an AuthorizedPrivilege instance is "
"left with no AuthorizedTarget associations, it SHOULD be "
"deleted. The successful completion of the method SHALL "
"remove the directly or indirectly requested "
"AuthorizedSubject, AuthorizedTarget and AuthorizedPrivilege "
"instances."),
ValueMap { "0", "1", "2", "3", "4", "5", "6..15999", "16000",
"16001", "16002", "16003", "16004..32767", "32768..65535" },
Values { "Success", "Not Supported", "Unspecified Error",
"Timeout", "Failed", "Invalid Parameter", "DMTF Reserved",
"Unsupported Privilege", "Unsupported Target",
"Authorization Error", "Null parameter not supported",
"Method Reserved", "Vendor Specific" }]
uint32 RemoveAccess (
[IN, Description (
"The Subject parameter is a reference to a ManagedElement "
"instance (associated via AuthorizedSubject) for which "
"privileges are to be revoked.")]
CIM_ManagedElement REF Subject,
[IN, Description (
"A reference to the AuthorizedPrivilege to be revoked.")]
CIM_AuthorizedPrivilege REF Privilege,
[IN, Description (
"The Target parameter is a reference to a ManagedElement "
"(associated via AuthorizedTarget) which will no longer "
"be protected via the AuthorizedPrivilege.")]
CIM_ManagedElement REF Target );
};