fetch_ml/configs/schema/permissions_schema.yaml
Jeremie Fraeys cd5640ebd2 Slim and secure: move scripts, clean configs, remove secrets
- Move ci-test.sh and setup.sh to scripts/
- Trim docs/src/zig-cli.md to current structure
- Replace hardcoded secrets with placeholders in configs
- Update .gitignore to block .env*, secrets/, keys, build artifacts
- Slim README.md to reflect current CLI/TUI split
- Add cleanup trap to ci-test.sh
- Ensure no secrets are committed
2025-12-07 13:57:51 -05:00


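---
# Fetch ML Permissions Configuration Schema (JSON Schema expressed as YAML)
#
# Validates the role / group / hierarchy / defaults layout of a permissions
# file. A schema only constrains shape: what a permission string grants, and
# to whom, is decided by the code that loads the validated file.
#
# NOTE(review): the nesting below was reconstructed from a listing that had
# lost its indentation. `special` is assumed to be a sibling of `children`
# inside each hierarchy entry - confirm against the repository copy.
$schema: "http://json-schema.org/draft-07/schema#"
title: "Fetch ML Permissions Configuration"
type: object
# Unknown top-level keys are rejected, so a misspelled section name fails
# validation instead of being silently ignored.
additionalProperties: false
required:
  - roles
properties:
  roles:
    type: object
    description: Role-based permissions configuration
    # Role names are unconstrained keys; each value must be a closed object
    # carrying both a description and a permissions list.
    additionalProperties:
      type: object
      additionalProperties: false
      required:
        - description
        - permissions
      properties:
        description:
          type: string
          description: Human-readable role description
        permissions:
          type: array
          description: List of permissions for this role
          items:
            type: string
            # Exactly one colon with at least one character on each side.
            # `[^:]+` accepts any non-colon character, so whitespace and
            # wildcard forms such as `*:*` validate; the loader has to decide
            # what those mean. Whether `$` tolerates a trailing newline
            # depends on the validator's regex engine.
            pattern: "^[^:]+:[^:]+$"
            description: "Permission in format resource:action"
  groups:
    type: object
    description: Permission groups for easier management
    additionalProperties:
      type: object
      additionalProperties: false
      required:
        - description
      properties:
        description:
          type: string
          description: Group description
        inherits:
          type: array
          description: Roles to inherit permissions from
          # Plain strings: this schema cannot check that a name refers to a
          # role defined under `roles`. NOTE(review): unknown names and
          # inheritance cycles need to be rejected by the loader - confirm.
          items:
            type: string
        permissions:
          type: array
          description: Additional permissions for this group
          items:
            type: string
            # Same resource:action shape as role permissions.
            pattern: "^[^:]+:[^:]+$"
  hierarchy:
    type: object
    description: Resource hierarchy for permission inheritance
    # Neither `children` nor `special` is required, so an empty entry is
    # valid.
    additionalProperties:
      type: object
      additionalProperties: false
      properties:
        children:
          type: object
          description: Child permissions
          additionalProperties:
            type: boolean
        special:
          type: object
          description: Special permission rules
          # Free-form strings; their meaning is not constrained here.
          additionalProperties:
            type: string
  defaults:
    type: object
    description: Default permission settings
    additionalProperties: false
    properties:
      new_user_role:
        type: string
        description: Default role for new users
        # `default` is an annotation in draft-07; validators do not inject
        # it. The value is also not checked against the keys of `roles`.
        default: "viewer"
      admin_users:
        type: array
        description: Users with admin privileges
        items:
          type: string
        # NOTE(review): if the application applies this default, admin rights
        # follow three well-known usernames. Confirm those names are reserved
        # at account creation, or require the list to be set explicitly.
        default: ["admin", "root", "system"]
# Examples section (not part of schema but for documentation)
# NOTE(review): the admin entry below uses a bare "*", which contains no
# colon and so does not match the permission pattern above. Either the
# pattern should admit a global wildcard deliberately or the example should
# change - confirm which form the loader honours.
examples:
  - |
    roles:
      admin:
        description: "Full system access"
        permissions: ["*"]
      data_scientist:
        description: "ML experiment management"
        permissions:
          - "jobs:create"
          - "jobs:read"
          - "data:read"
          - "models:create"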