Commit 6ddeff64 authored by Jonathon Duerig's avatar Jonathon Duerig

Final tweaks to new policy extensions for credential.

Added generation of policy.xsd to xsdgen. Set final namespace and schema locations in GeniUtil. Moved schema to final location.
parent 5aa38356
......@@ -31,10 +31,10 @@ my $group = "GeniSlices";
use vars qw($EXTENSIONS_NS $XSI_NS $EXTENSIONS_PREFIX $EXTENSIONS_SCHEMA_LOCATION);
#Extensions namespace URI.
# TODO: pick the right NS URI, prefix and update here.
$EXTENSIONS_NS = "http://www.protogeni.net/resources/credential/ext/policy/1.0";
$EXTENSIONS_NS = "http://www.protogeni.net/resources/credential/ext/policy/1";
$XSI_NS = "http://www.w3.org/2001/XMLSchema-instance";
$EXTENSIONS_PREFIX = "policyExt";
$EXTENSIONS_SCHEMA_LOCATION = "file:///home/srikanth/schema/policy.xsd";
$EXTENSIONS_SCHEMA_LOCATION = "http://www.protogeni.net/resources/credential/ext/policy/1/policy.xsd";
sub GENI_PURGEFLAG() { return 1; }
......
......@@ -50,3 +50,12 @@ for path in ext/gre-tunnel/1; do
fi
done
done
cd ../security
for path in ext/policy/1; do
if [ -e ${path}/policy.rnc ]; then
$TRANGCMD ${path}/policy.rnc ${path}/policy.xsd
sudo scp ${path}/policy.xsd ${path}/policy.rnc ops.emulab.net:/usr/local/www.geni/data/trac/resources/credential/${path}/
fi
done
<?xml version="1.0" encoding="UTF-8"?>
<!--
Your extension should have its own namespace to disambiguate it from
others.
-->
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" targetNamespace="http://www.protogeni.net/resources/credential/ext/policy/1.0" xmlns:policy="http://www.protogeni.net/resources/credential/ext/policy/1.0">
<!--
This is meant to specify maximum sliver lifetime,
that will be honored by the CM. It takes precedence over
the default limit imposed by CM on all users.
-->
<xs:element name="max_sliver_lifetime" type="xs:integer"/>
<!--
It is meant to specify exception limits to resource allocation
at the granularity of node type.
-->
<xs:element name="component_type">
<xs:complexType>
<xs:attribute name="type" use="required" type="xs:string"/>
<xs:attribute name="count" use="required" type="xs:string"/>
</xs:complexType>
</xs:element>
<!--
It allows CM to limit the total number of components allocated
to a user within a slice.
-->
<xs:element name="max_components">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="policy:component_type"/>
</xs:sequence>
<xs:attribute name="limit" use="required" type="xs:integer"/>
</xs:complexType>
</xs:element>
<!--
policy exceptions enable CM to let specific users
pass through certain policies.
-->
<xs:element name="policy_exceptions">
<xs:complexType>
<xs:sequence>
<xs:element minOccurs="0" maxOccurs="unbounded" ref="policy:policy"/>
</xs:sequence>
</xs:complexType>
</xs:element>
<xs:element name="policy" type="xs:string"/>
<!-- All of the above are extensions specified in credential. -->
</xs:schema>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment