cleanup scribbled+temp-documents
This commit is contained in:
parent
d236a7aca4
commit
ca9a865019
@ -1,3 +1,5 @@
|
||||
(this is just a scribbled idea, that's why it's still in German)
|
||||
|
||||
Ich habe mal wieder vom RBAC-System geträumt 🙈 Ok, im Halbschlaf darüber nachgedacht trifft es wohl besser. Und jetzt frage ich mich, ob wir viel zu kompliziert gedacht haben.
|
||||
|
||||
Bislang gingen wir ja davon aus, dass, wenn komplexe Entitäten (z.B. Partner) erzeugt werden, wir wir über den INSERT-Trigger den Rollen der verknüpften Entitäten (z.B. den Rollen der Personendaten des Partners) auch Rechte an den komplexeren Entitäten und umgekehrt geben müssen.
|
||||
|
@ -1,76 +0,0 @@
|
||||
### all grants to membershipReferrer_canViewButNotUpdateRelatedMembership
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph hs_office_membership#M-1000113[hs_office_membership#M-1000113]
|
||||
|
||||
perm:SELECT:on:hs_office_membership#M-1000113{{SELECT
|
||||
ref:b1b1192e-f2bf-4b9f-836b-90e98903bedc}}
|
||||
|
||||
role:hs_office_membership#M-1000113.referrer[referrer
|
||||
ref:7c95cd77-a124-40ab-87f3-4cd2f33ad32f]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_partner#P-10001[hs_office_partner#P-10001]
|
||||
|
||||
perm:SELECT:on:hs_office_partner#P-10001{{SELECT
|
||||
ref:74c87064-7e9b-4ead-9344-4f18ba246b80}}
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
perm:SELECT:on:hs_office_person#HostsharingeG{{SELECT
|
||||
ref:38e63031-3245-4e57-b59d-b4f08334adec}}
|
||||
|
||||
role:hs_office_person#HostsharingeG.referrer[referrer
|
||||
ref:b31417b9-6c56-4e79-93dd-c6c11a080370]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#FirstGmbH[hs_office_person#FirstGmbH]
|
||||
|
||||
perm:SELECT:on:hs_office_person#FirstGmbH{{SELECT
|
||||
ref:5cbe42d4-e8d3-40e9-bddd-5635c151c57a}}
|
||||
|
||||
role:hs_office_person#FirstGmbH.referrer[referrer
|
||||
ref:86a4ece0-087f-46ea-94b4-b1f3294ba356]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_contact#firstcontact[hs_office_contact#firstcontact]
|
||||
|
||||
perm:SELECT:on:hs_office_contact#firstcontact{{SELECT
|
||||
ref:21cc5d9e-d98e-4953-a9e6-d33a5753876f}}
|
||||
|
||||
role:hs_office_contact#firstcontact.referrer[referrer
|
||||
ref:ca3c3e01-fb66-465e-93ee-cbad0e5ee70e]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH[hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH]
|
||||
|
||||
perm:SELECT:on:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH{{SELECT
|
||||
ref:b52dd840-289a-4c92-98a1-3ee629318608}}
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant[tenant
|
||||
ref:d9395077-4c0b-44d6-924e-811041402abe]
|
||||
|
||||
end
|
||||
|
||||
role:hs_office_contact#firstcontact.referrer --> perm:SELECT:on:hs_office_contact#firstcontact
|
||||
role:hs_office_membership#M-1000113.referrer --> perm:SELECT:on:hs_office_membership#M-1000113
|
||||
role:hs_office_membership#M-1000113.referrer --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant
|
||||
role:hs_office_person#FirstGmbH.referrer --> perm:SELECT:on:hs_office_person#FirstGmbH
|
||||
role:hs_office_person#HostsharingeG.referrer --> perm:SELECT:on:hs_office_person#HostsharingeG
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant --> perm:SELECT:on:hs_office_partner#P-10001
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant --> perm:SELECT:on:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant --> role:hs_office_contact#firstcontact.referrer
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant --> role:hs_office_person#FirstGmbH.referrer
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.tenant --> role:hs_office_person#HostsharingeG.referrer
|
||||
```
|
@ -1,6 +1,6 @@
|
||||
## *hsadmin-ng*'s Role-Based-Access-Management (RBAC)
|
||||
|
||||
The requirements of *hsadmin-ng* option table-m row- and column-level-security for read and write access to business-objects.
|
||||
The requirements of *hsadmin-ng* include table-, row- and column-level-security for read and write access to business-objects.
|
||||
More precisely, any access has to be controlled according to given rules depending on the accessing users, their roles and the accessed business-object.
|
||||
Further, roles and business-objects are hierarchical.
|
||||
|
||||
|
@ -1,105 +0,0 @@
|
||||
### all grants to coop-share-select
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph hs_office_membership#M-1000101[hs_office_membership#M-1000101]
|
||||
|
||||
role:hs_office_membership#M-1000101.admin[admin
|
||||
ref:6a6eca16-878f-4daf-8814-71bfeef9d531]
|
||||
|
||||
role:hs_office_membership#M-1000101.owner[owner
|
||||
ref:9899101f-f59a-4432-bb5f-85841f94e0b1]
|
||||
|
||||
role:hs_office_membership#M-1000101.referrer[referrer
|
||||
ref:13d84099-cae3-4b9c-9f84-b0c4ca383f64]
|
||||
|
||||
end
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:e36961c1-3250-4429-9c0f-b85d1d625e2f]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_coopsharestransaction#ref1000101-1[hs_office_coopsharestransaction#ref1000101-1]
|
||||
|
||||
perm:SELECT:on:hs_office_coopsharestransaction#ref1000101-1{{SELECT
|
||||
ref:6e847eb3-3fb3-41f5-ab10-6aedbaa298e8}}
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#FirstGmbH[hs_office_person#FirstGmbH]
|
||||
|
||||
role:hs_office_person#FirstGmbH.admin[admin
|
||||
ref:54293c05-fbc4-45b6-b9f0-aab8705f2cf7]
|
||||
|
||||
role:hs_office_person#FirstGmbH.owner[owner
|
||||
ref:599ae17d-862a-44fc-a7cc-4e0b40c5c785]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:0e110d55-665d-4994-85ed-986d3e890214]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:b92395bf-e4f4-46e6-ad29-2289879171a2]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH[hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin[admin
|
||||
ref:e92b7f7f-20d4-4c89-a572-e0b2c59ed265]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent[agent
|
||||
ref:f42a648f-4474-47c7-bba8-9d1082cf76d7]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner[owner
|
||||
ref:776e5533-4630-4d55-957b-25ca16220324]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:person-FirstGmbH(person-FirstGmbH@example.com
|
||||
ref:661ac654-7ed8-4723-a1c5-41d886cef684)
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:a0c798f6-ea35-4725-857e-0358dfd57b8e)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:0849f284-6379-4694-98a6-b777fa80a902)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:a780bed7-d970-4c04-8e78-85e33a28af91)
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_person#FirstGmbH.owner
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
role:hs_office_membership#M-1000101.admin --> role:hs_office_membership#M-1000101.referrer
|
||||
role:hs_office_membership#M-1000101.owner --> role:hs_office_membership#M-1000101.admin
|
||||
role:hs_office_membership#M-1000101.referrer --> perm:SELECT:on:hs_office_coopsharestransaction#ref1000101-1
|
||||
role:hs_office_person#FirstGmbH.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent
|
||||
role:hs_office_person#FirstGmbH.owner --> role:hs_office_person#FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_membership#M-1000101.owner
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent --> role:hs_office_membership#M-1000101.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
user:person-FirstGmbH --> role:hs_office_person#FirstGmbH.owner
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_membership#M-1000101.owner
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
@ -1,71 +0,0 @@
|
||||
### all grants to debitorRelationAgent_canNotDeleteTheirRelatedMembership-delete
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph hs_office_membership#M-1000114[hs_office_membership#M-1000114]
|
||||
|
||||
perm:DELETE:on:hs_office_membership#M-1000114{{DELETE
|
||||
ref:5defb5eb-e9b1-4a1a-8476-a91be89a756f}}
|
||||
|
||||
role:hs_office_membership#M-1000114.owner[owner
|
||||
ref:3da05812-0992-473c-ba8c-0e66ca33f039]
|
||||
|
||||
end
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:eedfafb8-db39-45ac-b4c2-2b30699f4f72]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:c40db171-9d99-4feb-8d91-d9befb053373]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:626f0656-d00e-471d-a145-72a96180d0d2]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:93e0b9b2-aafd-49fe-b033-10b5e39a0272)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:2113a0d5-04c7-4b7f-873c-0a24212bfd4a)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:4740f067-13c8-4507-a9b8-c8469c476f5b)
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH[hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin[admin
|
||||
ref:12d2ec68-3df4-45ed-9a8d-035f701cf33e]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner[owner
|
||||
ref:341d44b9-73f0-4048-a3c2-d8c7c73881ff]
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
role:hs_office_membership#M-1000114.owner --> perm:DELETE:on:hs_office_membership#M-1000114
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_membership#M-1000114.owner
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_membership#M-1000114.owner
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
@ -1,101 +0,0 @@
|
||||
### all grants to debitorRelationAgent_canNotDeleteTheirRelatedMembership-select
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph hs_office_membership#M-1000114[hs_office_membership#M-1000114]
|
||||
|
||||
perm:SELECT:on:hs_office_membership#M-1000114{{SELECT
|
||||
ref:296e0eae-f64c-43c5-818a-84674d7f9af6}}
|
||||
|
||||
role:hs_office_membership#M-1000114.admin[admin
|
||||
ref:2e6a4161-6244-4414-9bee-0a059ed76e79]
|
||||
|
||||
role:hs_office_membership#M-1000114.owner[owner
|
||||
ref:3da05812-0992-473c-ba8c-0e66ca33f039]
|
||||
|
||||
role:hs_office_membership#M-1000114.referrer[referrer
|
||||
ref:fc27995b-e981-4dfe-9d6b-d9e824b1b5c2]
|
||||
|
||||
end
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:eedfafb8-db39-45ac-b4c2-2b30699f4f72]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#FirstGmbH[hs_office_person#FirstGmbH]
|
||||
|
||||
role:hs_office_person#FirstGmbH.admin[admin
|
||||
ref:870be03d-84ff-4a77-bfe8-8aaab81ee923]
|
||||
|
||||
role:hs_office_person#FirstGmbH.owner[owner
|
||||
ref:1ea6bff9-6d8f-4377-8cf9-7c11f00066e1]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:c40db171-9d99-4feb-8d91-d9befb053373]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:626f0656-d00e-471d-a145-72a96180d0d2]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:person-FirstGmbH(person-FirstGmbH@example.com
|
||||
ref:375cf977-3c7b-4590-9b5c-ea7a5f6af971)
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:93e0b9b2-aafd-49fe-b033-10b5e39a0272)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:2113a0d5-04c7-4b7f-873c-0a24212bfd4a)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:4740f067-13c8-4507-a9b8-c8469c476f5b)
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH[hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin[admin
|
||||
ref:12d2ec68-3df4-45ed-9a8d-035f701cf33e]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent[agent
|
||||
ref:c949357d-2537-4646-9375-8f01c8ff41e4]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner[owner
|
||||
ref:341d44b9-73f0-4048-a3c2-d8c7c73881ff]
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_person#FirstGmbH.owner
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
role:hs_office_membership#M-1000114.admin --> role:hs_office_membership#M-1000114.referrer
|
||||
role:hs_office_membership#M-1000114.owner --> role:hs_office_membership#M-1000114.admin
|
||||
role:hs_office_membership#M-1000114.referrer --> perm:SELECT:on:hs_office_membership#M-1000114
|
||||
role:hs_office_person#FirstGmbH.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent
|
||||
role:hs_office_person#FirstGmbH.owner --> role:hs_office_person#FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_membership#M-1000114.owner
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.agent --> role:hs_office_membership#M-1000114.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
user:person-FirstGmbH --> role:hs_office_person#FirstGmbH.owner
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_membership#M-1000114.owner
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
@ -1,79 +0,0 @@
|
||||
### all grants to debitorRelationAgent_canNotDeleteTheirRelatedMembership
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph hs_office_membership#M-1000114[hs_office_membership#M-1000114]
|
||||
|
||||
perm:SELECT:on:hs_office_membership#M-1000114{{SELECT
|
||||
ref:9c63ac3a-6868-4295-9aa7-5050458660d0}}
|
||||
|
||||
role:hs_office_membership#M-1000114.admin[admin
|
||||
ref:50d4ac22-73e0-4099-8d22-dfb8fbbc09c8]
|
||||
|
||||
role:hs_office_membership#M-1000114.owner[owner
|
||||
ref:9d1cf21e-6fd3-4d63-9ad4-235aceae23ea]
|
||||
|
||||
role:hs_office_membership#M-1000114.referrer[referrer
|
||||
ref:d27f9a49-9247-4439-a45a-ca220a86cf8f]
|
||||
|
||||
end
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:ee4b7242-17ac-4116-b0ee-7047b3d8b5d9]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:47c7a3fd-4ccd-4502-b78e-35244041edba]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:ed265996-7729-46f9-b179-e87a33505930]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH[hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin[admin
|
||||
ref:dd17fffe-15df-4df1-9457-363ffce49ee8]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner[owner
|
||||
ref:f6acdf0e-8a5b-4962-aeb8-880096717aee]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:5d19b678-9ba8-4f63-be72-5720faf32b96)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:4576db49-1670-43ec-aaf1-6439dc1e9b01)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:291e0d76-f70d-4cef-ba45-6fd630f1ae8d)
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
role:hs_office_membership#M-1000114.admin --> role:hs_office_membership#M-1000114.referrer
|
||||
role:hs_office_membership#M-1000114.owner --> role:hs_office_membership#M-1000114.admin
|
||||
role:hs_office_membership#M-1000114.referrer --> perm:SELECT:on:hs_office_membership#M-1000114
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin --> role:hs_office_membership#M-1000114.owner
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.admin
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_membership#M-1000114.owner
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-FirstGmbH.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
@ -1,101 +0,0 @@
|
||||
### all grants to membership-select
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
%% too many grants, graph is cropped
|
||||
flowchart TB
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:d1900267-5848-4bed-851b-70bde78ea586]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:a4be908f-202f-412a-b25d-8bf42082ef86]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:2032c07b-0227-4eb2-bcbf-8c417ef673c1]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG[hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin[admin
|
||||
ref:aa6dc584-7e50-4f9e-85ff-23792683802f]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent[agent
|
||||
ref:a8688860-53c3-45ff-92ce-9442d28d9196]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner[owner
|
||||
ref:d0fb0a29-f7f0-48f9-82be-151c4ea3f4ec]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#ThirdOHG[hs_office_person#ThirdOHG]
|
||||
|
||||
role:hs_office_person#ThirdOHG.admin[admin
|
||||
ref:c8b186f5-17d0-460e-aa39-cca1f5f8404d]
|
||||
|
||||
role:hs_office_person#ThirdOHG.owner[owner
|
||||
ref:a0ed218b-a0cf-417d-8f82-73eae57e67f8]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:cc50ddc1-a722-47d7-984f-3094877e4496)
|
||||
|
||||
user:person-ThirdOHG(person-ThirdOHG@example.com
|
||||
ref:494c39a5-b410-4578-8d69-d026493c6731)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:a580e215-2243-4c7e-a9e3-169b237b86b4)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:ce6958ec-5e7a-4209-95b2-346c2eaaa22c)
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_membership#M-1000303[hs_office_membership#M-1000303]
|
||||
|
||||
perm:SELECT:on:hs_office_membership#M-1000303{{SELECT
|
||||
ref:a1eb00eb-3f0f-471c-bf97-ce415e6991ab}}
|
||||
|
||||
role:hs_office_membership#M-1000303.admin[admin
|
||||
ref:a7eece29-79d1-4d41-beb8-2900b899e087]
|
||||
|
||||
role:hs_office_membership#M-1000303.owner[owner
|
||||
ref:8eee38e9-7bb2-4ad7-b427-3999e1c66fd1]
|
||||
|
||||
role:hs_office_membership#M-1000303.referrer[referrer
|
||||
ref:49506b45-aa23-495e-8938-e54b635691ae]
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_person#ThirdOHG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner
|
||||
role:hs_office_membership#M-1000303.admin --> role:hs_office_membership#M-1000303.referrer
|
||||
role:hs_office_membership#M-1000303.owner --> role:hs_office_membership#M-1000303.admin
|
||||
role:hs_office_membership#M-1000303.referrer --> perm:SELECT:on:hs_office_membership#M-1000303
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_person#ThirdOHG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent
|
||||
role:hs_office_person#ThirdOHG.owner --> role:hs_office_person#ThirdOHG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin --> role:hs_office_membership#M-1000303.owner
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent --> role:hs_office_membership#M-1000303.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:person-ThirdOHG --> role:hs_office_person#ThirdOHG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_membership#M-1000303.owner
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
@ -1,108 +0,0 @@
|
||||
### all grants to partner-updated
|
||||
|
||||
```mermaid
|
||||
%%{init:{'flowchart':{'htmlLabels':false}}}%%
|
||||
|
||||
flowchart TB
|
||||
|
||||
subgraph global#global[global#global]
|
||||
|
||||
role:global#global.admin[admin
|
||||
ref:b7a0455f-4704-41f5-8ddc-70692bc46c01]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_partner#P-20036[hs_office_partner#P-20036]
|
||||
|
||||
perm:SELECT:on:hs_office_partner#P-20036{{SELECT
|
||||
ref:da2165d9-fb71-46ed-87bc-fed19e5de092}}
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG[hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin[admin
|
||||
ref:dbefd579-063d-4e06-a9c4-e7ab27288dea]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent[agent
|
||||
ref:3cd435a3-9f4f-4acc-a035-f781329db167]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner[owner
|
||||
ref:4438ef8f-1fad-4a46-b562-3bdac51b7932]
|
||||
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.tenant[tenant
|
||||
ref:14d138a2-1142-4ae8-b089-a8659654dcc5]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#HostsharingeG[hs_office_person#HostsharingeG]
|
||||
|
||||
role:hs_office_person#HostsharingeG.admin[admin
|
||||
ref:fb52b042-8204-4f96-86c7-ebf7e215aba4]
|
||||
|
||||
role:hs_office_person#HostsharingeG.owner[owner
|
||||
ref:1483555f-72af-40fc-bfed-5c9d13304d94]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_contact#sixthcontact[hs_office_contact#sixthcontact]
|
||||
|
||||
role:hs_office_contact#sixthcontact.admin[admin
|
||||
ref:3bb16898-f7f4-4dc3-9a45-8756462cc246]
|
||||
|
||||
role:hs_office_contact#sixthcontact.owner[owner
|
||||
ref:625707ee-ef28-4e38-8be5-e0126158f86f]
|
||||
|
||||
end
|
||||
|
||||
subgraph hs_office_person#ThirdOHG[hs_office_person#ThirdOHG]
|
||||
|
||||
role:hs_office_person#ThirdOHG.admin[admin
|
||||
ref:eccc1981-a813-4d6b-95cd-33ea310b1e8f]
|
||||
|
||||
role:hs_office_person#ThirdOHG.owner[owner
|
||||
ref:bffe1bc4-5a28-4bb5-8008-1d9189eed0dd]
|
||||
|
||||
end
|
||||
|
||||
subgraph users[users]
|
||||
|
||||
user:contact-admin(contact-admin@sixthcontact.example.com
|
||||
ref:4781a32f-7e5b-436f-8fa0-724cc1b8d74a)
|
||||
|
||||
user:person-HostsharingeG(person-HostsharingeG@example.com
|
||||
ref:e5f21c56-448f-4e69-8421-ad92439ea2db)
|
||||
|
||||
user:person-ThirdOHG(person-ThirdOHG@example.com
|
||||
ref:92c46960-abce-4763-9b10-d6682abed8ff)
|
||||
|
||||
user:superuser-alex(superuser-alex@hostsharing.net
|
||||
ref:bd7ba8ed-57cb-40e0-ab8a-c897f107bddc)
|
||||
|
||||
user:superuser-fran(superuser-fran@hostsharing.net
|
||||
ref:5800fee5-7919-4ef8-9ff8-353f1159925a)
|
||||
|
||||
end
|
||||
|
||||
role:global#global.admin --> role:hs_office_contact#sixthcontact.owner
|
||||
role:global#global.admin --> role:hs_office_person#HostsharingeG.owner
|
||||
role:global#global.admin --> role:hs_office_person#ThirdOHG.owner
|
||||
role:global#global.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner
|
||||
role:hs_office_contact#sixthcontact.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.tenant
|
||||
role:hs_office_contact#sixthcontact.owner --> role:hs_office_contact#sixthcontact.admin
|
||||
role:hs_office_person#HostsharingeG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin
|
||||
role:hs_office_person#HostsharingeG.owner --> role:hs_office_person#HostsharingeG.admin
|
||||
role:hs_office_person#ThirdOHG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent
|
||||
role:hs_office_person#ThirdOHG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.tenant
|
||||
role:hs_office_person#ThirdOHG.owner --> role:hs_office_person#ThirdOHG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.agent --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.tenant
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.admin
|
||||
role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.tenant --> perm:SELECT:on:hs_office_partner#P-20036
|
||||
user:contact-admin --> role:hs_office_contact#sixthcontact.owner
|
||||
user:person-HostsharingeG --> role:hs_office_person#HostsharingeG.owner
|
||||
user:person-ThirdOHG --> role:hs_office_person#ThirdOHG.owner
|
||||
user:superuser-alex --> role:global#global.admin
|
||||
user:superuser-alex --> role:hs_office_relation#HostsharingeG-with-PARTNER-ThirdOHG.owner
|
||||
user:superuser-fran --> role:global#global.admin
|
||||
```
|
Loading…
Reference in New Issue
Block a user