//----------------------------------------------------------------------------
//
// Copyright (c) Intel Corporation, 2003 - 2012 All Rights Reserved.
//
// File: CIM_Privilege.cs
//
// Contents: Privilege is the base class for all types of activities which are granted or denied by a Role or an Identity. Whether an individual Privilege is granted or denied is defined using the PrivilegeGranted boolean. Any Privileges not specifically granted are assumed to be denied. An explicit deny (Privilege Granted = FALSE) takes precedence over any granted Privileges.
//
// The association of subjects (Roles and Identities) to Privileges is accomplished using policy or explicitly via the associations on a subclass. The entities that are protected (targets) can be similarly defined.
//
// Note that Privileges may be inherited through hierarchical Roles, or may overlap. For example, a Privilege denying any instance Writes in a particular CIM Server Namespace would overlap with a Privilege defining specific access rights at an instance level within that Namespace. In this example, the AuthorizedSubjects are either Identities or Roles, and the AuthorizedTargets are a Namespace in the former case, and a particular instance in the latter.
// This file was automatically generated from CIM_Privilege.mof
//
//----------------------------------------------------------------------------
using System;
using System.Collections.Generic;
using System.Collections.ObjectModel;
using System.Text;
using System.Globalization;
using System.Xml.Serialization;
using System.IO;
using Intel.Manageability.WSManagement;
using Intel.Manageability.Cim.Untyped;
namespace Intel.Manageability.Cim.Typed
{
///
///Privilege is the base class for all types of activities which are granted or denied by a Role or an Identity. Whether an individual Privilege is granted or denied is defined using the PrivilegeGranted boolean. Any Privileges not specifically granted are assumed to be denied. An explicit deny (Privilege Granted = FALSE) takes precedence over any granted Privileges.
///The association of subjects (Roles and Identities) to Privileges is accomplished using policy or explicitly via the associations on a subclass. The entities that are protected (targets) can be similarly defined.
///Note that Privileges may be inherited through hierarchical Roles, or may overlap. For example, a Privilege denying any instance Writes in a particular CIM Server Namespace would overlap with a Privilege defining specific access rights at an instance level within that Namespace. In this example, the AuthorizedSubjects are either Identities or Roles, and the AuthorizedTargets are a Namespace in the former case, and a particular instance in the latter.
///
[System.SerializableAttribute()]
[System.Xml.Serialization.XmlTypeAttribute(Namespace="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Privilege")]
[System.Xml.Serialization.XmlRootAttribute("CIM_Privilege", Namespace="http://schemas.dmtf.org/wbem/wscim/1/cim-schema/2/CIM_Privilege", IsNullable=false)]
public class CIM_Privilege : CIM_ManagedElement
{
///
/// Default constructor.
///
public CIM_Privilege() :base()
{
}
///
/// Constructor that recieves an xml string for deserialization.
///
/// xml string to deserialize
public CIM_Privilege(string xml): base((IWSManClient)null)
{
this.Deserialize(xml);
}
///
/// Constructor which recieves a Ws-Management client object.
///
/// Ws-Management client
public CIM_Privilege(IWSManClient client): base(client)
{
}
///
/// Remove Activities field.
/// Note: This method will succeed only if this field is optional in the concrete object.
///
public virtual void RemoveActivities()
{
RemoveField("Activities");
}
///
/// Is true if the field Activities exists in the current object,
/// otherwise is false.
///
public virtual bool ActivitiesExist
{
get
{
return ContainsField("Activities");
}
}
///
/// Optional, An enumeration indicating the activities that are granted or denied. These activities apply to all entities specified in the ActivityQualifiers array. The values in the enumeration are straightforward except for one, 4="Detect". This value indicates that the existence or presence of an entity may be determined, but not necessarily specific data (which requires the Read privilege to be true). This activity is exemplified by 'hidden files'- if you list the contents of a directory, you will not see hidden files. However, if you know a specific file name, or know how to expose hidden files, then they can be 'detected'. Another example is the ability to define search privileges in directory implementations.
///
[CimField(false, false)]
public virtual ushort[] Activities
{
get
{
return CimTypesUtils.StringArrayToArray(this["Activities"]);
}
set
{
string[] arr = CimTypesUtils.ArrayToStringArray(value);
this.SetOrAddField("Activities", arr);
}
}
///
/// Remove ActivityQualifiers field.
/// Note: This method will succeed only if this field is optional in the concrete object.
///
public virtual void RemoveActivityQualifiers()
{
RemoveField("ActivityQualifiers");
}
///
/// Is true if the field ActivityQualifiers exists in the current object,
/// otherwise is false.
///
public virtual bool ActivityQualifiersExist
{
get
{
return ContainsField("ActivityQualifiers");
}
}
///
/// Optional, The ActivityQualifiers property is an array of string values used to further qualify and specify the privileges granted or denied. For example, it is used to specify a set of files for which 'Read'/'Write' access is permitted or denied. Or, it defines a class' methods that may be 'Executed'. Details on the semantics of the individual entries in ActivityQualifiers are provided by corresponding entries in the QualifierFormats array.
///
[CimField(false, false)]
public virtual string[] ActivityQualifiers
{
get
{
return CimTypesUtils.StringArrayToArray(this["ActivityQualifiers"]);
}
set
{
string[] arr = CimTypesUtils.ArrayToStringArray(value);
this.SetOrAddField("ActivityQualifiers", arr);
}
}
///
/// Key, Required, Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following 'preferred' algorithm:
/// <OrgID>:<LocalID>
/// Where <OrgID> and <LocalID> are separated by a colon ':', and where <OrgID> MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity creating/defining the InstanceID, or is a registered ID that is assigned to the business entity by a recognized global authority. (This is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness <OrgID> MUST NOT contain a colon (':'). When using this algorithm, the first colon to appear in InstanceID MUST appear between <OrgID> and <LocalID>.
/// <LocalID> is chosen by the business entity and SHOULD not be re-used to identify different underlying (real-world) elements. If the above 'preferred' algorithm is not used, the defining entity MUST assure that the resultant InstanceID is not re-used across any InstanceIDs produced by this or other providers for this instance's NameSpace. For DMTF defined instances, the 'preferred' algorithm MUST be used with the <OrgID> set to 'CIM'.
///
[CimField(true, true)]
public override string InstanceID
{
get
{
return this.GetField("InstanceID")[0];
}
set
{
this.SetOrAddField("InstanceID",value);
}
}
///
/// Remove PrivilegeGranted field.
/// Note: This method will succeed only if this field is optional in the concrete object.
///
public virtual void RemovePrivilegeGranted()
{
RemoveField("PrivilegeGranted");
}
///
/// Is true if the field PrivilegeGranted exists in the current object,
/// otherwise is false.
///
public virtual bool PrivilegeGrantedExist
{
get
{
return ContainsField("PrivilegeGranted");
}
}
///
/// Optional, Boolean indicating whether the Privilege is granted (TRUE) or denied (FALSE). The default is to grant permission.
///
[CimField(false, false)]
public virtual bool PrivilegeGranted
{
get
{
return bool.Parse(this["PrivilegeGranted"][0]);
}
set
{
this.SetOrAddField("PrivilegeGranted",value.ToString().ToLower(CultureInfo.InvariantCulture));
}
}
///
/// Remove QualifierFormats field.
/// Note: This method will succeed only if this field is optional in the concrete object.
///
public virtual void RemoveQualifierFormats()
{
RemoveField("QualifierFormats");
}
///
/// Is true if the field QualifierFormats exists in the current object,
/// otherwise is false.
///
public virtual bool QualifierFormatsExist
{
get
{
return ContainsField("QualifierFormats");
}
}
///
/// Optional, Defines the semantics of corresponding entries in the ActivityQualifiers array. An example of each of these 'formats' and their use follows:
/// - 2=Class Name. Example: If the authorization target is a CIM Service or a Namespace, then the ActivityQualifiers entries can define a list of classes that the authorized subject is able to create or delete.
/// - 3=<Class.>Property. Example: If the authorization target is a CIM Service, Namespace or Collection of instances, then the ActivityQualifiers entries can define the class properties that may or may not be accessed. In this case, the class names are specified with the property names to avoid ambiguity - since a CIM Service, Namespace or Collection could manage multiple classes. On the other hand, if the authorization target is an individual instance, then there is no possible ambiguity and the class name may be omitted. To specify ALL properties, the wildcard string "*" should be used.
/// - 4=<Class.>Method. This example is very similar to the Property one, above. And, as above, the string "*" may be specified to select ALL methods.
/// - 5=Object Reference. Example: If the authorization target is a CIM Service or Namespace, then the ActivityQualifiers entries can define a list of object references (as strings) that the authorized subject can access.
/// - 6=Namespace. Example: If the authorization target is a CIM Service, then the ActivityQualifiers entries can define a list of Namespaces that the authorized subject is able to access.
/// - 7=URL. Example: An authorization target may not be defined, but a Privilege could be used to deny access to specific URLs by individual Identities or for specific Roles, such as the 'under 17' Role.
/// - 8=Directory/File Name. Example: If the authorization target is a FileSystem, then the ActivityQualifiers entries can define a list of directories and files whose access is protected.
/// - 9=Command Line Instruction. Example: If the authorization target is a ComputerSystem or Service, then the ActivityQualifiers entries can define a list of command line instructions that may or may not be 'Executed' by the authorized subjects.
/// - 10=SCSI Command, using a format of 'CDB=xx[,Page=pp]'. For example, the ability to select the VPD page of the Inquiry command is encoded as 'CDB=12,Page=83' in the corresponding ActivityQualifiers entry. A '*' may be used to indicate all CDBs or Page numbers.
/// - 11=Packets. Example: The transmission of packets is permitted or denied by the Privilege for the target (a ComputerSystem, ProtocolEndpoint, Pipe, or other ManagedSystemElement).
///
[CimField(false, false)]
public virtual ushort[] QualifierFormats
{
get
{
return CimTypesUtils.StringArrayToArray(this["QualifierFormats"]);
}
set
{
string[] arr = CimTypesUtils.ArrayToStringArray(value);
this.SetOrAddField("QualifierFormats", arr);
}
}
///
/// Remove RepresentsAuthorizationRights field.
/// Note: This method will succeed only if this field is optional in the concrete object.
///
public virtual void RemoveRepresentsAuthorizationRights()
{
RemoveField("RepresentsAuthorizationRights");
}
///
/// Is true if the field RepresentsAuthorizationRights exists in the current object,
/// otherwise is false.
///
public virtual bool RepresentsAuthorizationRightsExist
{
get
{
return ContainsField("RepresentsAuthorizationRights");
}
}
///
/// Optional, The RepresentsAuthorizationRights flag indicates whether the rights defined by this instance should be interpreted as rights of Subjects to access Targets or as rights of Subjects to change those rights on/for Targets.
///
[CimField(false, false)]
public virtual bool RepresentsAuthorizationRights
{
get
{
return bool.Parse(this["RepresentsAuthorizationRights"][0]);
}
set
{
this.SetOrAddField("RepresentsAuthorizationRights",value.ToString().ToLower(CultureInfo.InvariantCulture));
}
}
///
/// Enumerate instances of CIM_Privilege class at an endpoint.
///
/// WS-Management client
/// Keys for selecting the instances
/// Collection of CIM_Privilege objects
public static new Collection Enumerate(IWSManClient client, CimBase.CimKeys cimKeys)
{
List ret = CimBase.Enumerate(client, cimKeys);
return new Collection(ret);
}
///
/// Enumerate instances of CIM_Privilege class at an endpoint.
///
/// WS-Management client
/// Collection of CIM_Privilege objects
public static new Collection Enumerate(IWSManClient client)
{
List ret = CimBase.Enumerate(client);
return new Collection(ret);
}
///
/// Delete the instance of CIM_Privilege if it is singular.
/// Note: This method will succeed only if a single instance of the class exists.
///
/// WS-Management client
public static new void Delete(IWSManClient client)
{
CimBase.Delete(client);
}
///
/// Represents the keys of the CIM_Privilege class.
///
public new class CimKeys : CIM_ManagedElement.CimKeys
{
///
/// Key, Required, Within the scope of the instantiating Namespace, InstanceID opaquely and uniquely identifies an instance of this class. In order to ensure uniqueness within the NameSpace, the value of InstanceID SHOULD be constructed using the following 'preferred' algorithm:
/// <OrgID>:<LocalID>
/// Where <OrgID> and <LocalID> are separated by a colon ':', and where <OrgID> MUST include a copyrighted, trademarked or otherwise unique name that is owned by the business entity creating/defining the InstanceID, or is a registered ID that is assigned to the business entity by a recognized global authority. (This is similar to the <Schema Name>_<Class Name> structure of Schema class names.) In addition, to ensure uniqueness <OrgID> MUST NOT contain a colon (':'). When using this algorithm, the first colon to appear in InstanceID MUST appear between <OrgID> and <LocalID>.
/// <LocalID> is chosen by the business entity and SHOULD not be re-used to identify different underlying (real-world) elements. If the above 'preferred' algorithm is not used, the defining entity MUST assure that the resultant InstanceID is not re-used across any InstanceIDs produced by this or other providers for this instance's NameSpace. For DMTF defined instances, the 'preferred' algorithm MUST be used with the <OrgID> set to 'CIM'.
///
public virtual string InstanceID
{
get
{
return GetKey("InstanceID");
}
set
{
SetOrAddKey("InstanceID", value);
}
}
}
}
}