Authorization schema tables

This set of tables holds the authorization information that grants users and apps access to specific Data Storage Units (DSU), Entities and Providers.

Identity table

This table represents identities, which can belong to a user or an app. Authentication is performed by Identity Server.

| Column | Description |
|---|---|
| Id | Identity identifier |
| Username | Username when the identity represents a user |
| FriendlyName | A more human readable name to represent the identity |
| ClientId | Identifier of the client in Identity Server |

IdentityAccess table

IdentityAccess stores the permissions that an identity has over the different types of elements: Data Storage Units, Entities and Providers.

| Column | Description |
|---|---|
| Id | IdentityAccess identifier |
| IdIdentity | Identifier of the identity |
| MetadataAccessLevel | Access level to the metadata of the selected element type (DSU, entity, provider). A sample value is ReadWriteDelete |
| DataAccessLevel | Access level to the data of the selected element type (DSU, entity, provider). A sample value is ReadWriteDelete |
| SecurityPath | Path of identifiers of the selected element to be authorized. The path follows the Metadata hierarchy model, e.g. 1/10/100 represents the entity with Id 100 that is associated with the provider with Id 10 that belongs to the DSU with Id 1 |
| IdDataStorageUnit | Identifier of the selected Data Storage Unit to which the access levels will be applied. If it contains a value, IdEntity and IdProvider must be NULL |
| IdEntity | Identifier of the selected Entity to which the access levels will be applied. If it contains a value, IdDataStorageUnit and IdProvider must be NULL |
| IdProvider | Identifier of the selected Provider to which the access levels will be applied. If it contains a value, IdDataStorageUnit and IdEntity must be NULL |
| Filter | JSON structure containing a list of pairs (attribute and values) used for filtering. The values property is also a list |

A sample value for the Filter column:

"filter": [
  {
    "attribute": "geography",
    "values": ["Ireland", "Spain"]
  },
  {
    "attribute": "brand",
    "values": ["Honda", "Suzuki"]
  }
]
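
The column rules above can be checked mechanically when auditing grants. The following is an added example, not code from the product: it flags IdentityAccess rows that set more than one target column, whose SecurityPath does not end in the selected element's Id, or whose Filter is malformed. It assumes rows arrive as dicts keyed by column name, that path depth 1/2/3 maps to DSU/provider/entity as in the 1/10/100 example, and that the Filter sample is stored wrapped in `{}`; `check_filter`, `check_row` and `audit` are hypothetical names.

```python
import json

# SecurityPath depth -> column expected to hold the last Id in the path.
# Assumption drawn from the page's example 1/10/100 (DSU/provider/entity).
TARGET_BY_DEPTH = {1: "IdDataStorageUnit", 2: "IdProvider", 3: "IdEntity"}

def check_filter(raw):
    """Problems in a Filter value; assumes the sample is stored wrapped in {}."""
    if raw is None:
        return []
    try:
        doc = json.loads(raw)
    except (ValueError, TypeError):
        return ["Filter is not valid JSON"]
    pairs = doc.get("filter") if isinstance(doc, dict) else None
    if not isinstance(pairs, list):
        return ["Filter has no 'filter' list"]
    problems = []
    for i, pair in enumerate(pairs):
        if not isinstance(pair, dict) or not isinstance(pair.get("attribute"), str):
            problems.append(f"filter[{i}]: attribute missing")
        elif not isinstance(pair.get("values"), list):
            problems.append(f"filter[{i}]: values is not a list")
    return problems

def check_row(row):
    """Consistency problems for one IdentityAccess row given as a dict."""
    problems = []
    selected = [c for c in TARGET_BY_DEPTH.values() if row.get(c) is not None]
    if len(selected) > 1:
        problems.append(f"more than one target column set: {selected}")
    segments = str(row.get("SecurityPath") or "").split("/")
    if len(segments) not in TARGET_BY_DEPTH or not all(s.isdecimal() for s in segments):
        problems.append("SecurityPath is not 1 to 3 numeric Ids separated by '/'")
    else:
        column = TARGET_BY_DEPTH[len(segments)]
        if row.get(column) != int(segments[-1]):
            problems.append(f"SecurityPath ends in {segments[-1]} but {column} is {row.get(column)}")
    return problems + check_filter(row.get("Filter"))

# Constructed sample rows (not real data): one valid, two inconsistent.
SAMPLE_ROWS = [
    {"Id": 1, "SecurityPath": "1/10/100", "IdEntity": 100,
     "Filter": '{"filter": [{"attribute": "geography", "values": ["Ireland", "Spain"]}]}'},
    {"Id": 2, "SecurityPath": "1/10", "IdDataStorageUnit": 1, "IdProvider": 10},
    {"Id": 3, "SecurityPath": "1/10/100", "IdProvider": 10,
     "Filter": '{"filter": [{"attribute": "brand", "values": "Honda"}]}'},
]

def audit(rows):
    """Map row Id -> problems, for rows that have any."""
    return {r["Id"]: p for r in rows if (p := check_row(r))}
```

Running `audit(SAMPLE_ROWS)` reports rows 2 and 3 and leaves row 1 out.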

Role table

This table represents the roles used for authorization.

| Column | Description |
|---|---|
| Id | Role identifier |
| Name | Name of the role |
| Description | Description of the role |

IdentityRole table

IdentityRole implements the relationship between Identity and Role. An identity can have a relationship with many roles. A role can have many Identities.

| Column | Description |
|---|---|
| IdIdentity | Identifier of the Identity |
| IdRole | Identifier of the Role |