diff --git a/examples/legacy_policy.json b/examples/legacy_policy.json new file mode 100644 index 0000000..2f8b04a --- /dev/null +++ b/examples/legacy_policy.json @@ -0,0 +1,166 @@ +{ + "example": { + "CERTIFICATE": { + "LOCATE": "ALLOW_ALL", + "CHECK": "ALLOW_ALL", + "GET": "ALLOW_ALL", + "GET_ATTRIBUTES": "ALLOW_ALL", + "GET_ATTRIBUTE_LIST": "ALLOW_ALL", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_ALL", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "SYMMETRIC_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PUBLIC_KEY": { + "LOCATE": "ALLOW_ALL", + "CHECK": "ALLOW_ALL", + "GET": "ALLOW_ALL", + "GET_ATTRIBUTES": "ALLOW_ALL", + "GET_ATTRIBUTE_LIST": "ALLOW_ALL", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_ALL", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PRIVATE_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "SPLIT_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "TEMPLATE": { + "LOCATE": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER" + }, + "SECRET_DATA": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "OPAQUE_DATA": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PGP_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + } + } +} diff --git a/examples/policy.json b/examples/policy.json index 2f8b04a..f683b7e 100644 --- a/examples/policy.json +++ b/examples/policy.json @@ -1,166 +1,168 @@ { "example": { - "CERTIFICATE": { - "LOCATE": "ALLOW_ALL", - "CHECK": "ALLOW_ALL", - "GET": "ALLOW_ALL", - "GET_ATTRIBUTES": "ALLOW_ALL", - "GET_ATTRIBUTE_LIST": "ALLOW_ALL", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_ALL", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "SYMMETRIC_KEY": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "PUBLIC_KEY": { - "LOCATE": "ALLOW_ALL", - "CHECK": "ALLOW_ALL", - "GET": "ALLOW_ALL", - "GET_ATTRIBUTES": "ALLOW_ALL", - "GET_ATTRIBUTE_LIST": "ALLOW_ALL", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_ALL", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "PRIVATE_KEY": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "SPLIT_KEY": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "TEMPLATE": { - "LOCATE": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER" - }, - "SECRET_DATA": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "OPAQUE_DATA": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" - }, - "PGP_KEY": { - "REKEY": "ALLOW_OWNER", - "REKEY_KEY_PAIR": "ALLOW_OWNER", - "DERIVE_KEY": "ALLOW_OWNER", - "LOCATE": "ALLOW_OWNER", - "CHECK": "ALLOW_OWNER", - "GET": "ALLOW_OWNER", - "GET_ATTRIBUTES": "ALLOW_OWNER", - "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", - "ADD_ATTRIBUTE": "ALLOW_OWNER", - "MODIFY_ATTRIBUTE": "ALLOW_OWNER", - "DELETE_ATTRIBUTE": "ALLOW_OWNER", - "OBTAIN_LEASE": "ALLOW_OWNER", - "GET_USAGE_ALLOCATION": "ALLOW_OWNER", - "ACTIVATE": "ALLOW_OWNER", - "REVOKE": "ALLOW_OWNER", - "DESTROY": "ALLOW_OWNER", - "ARCHIVE": "ALLOW_OWNER", - "RECOVER": "ALLOW_OWNER" + "default": { + "CERTIFICATE": { + "LOCATE": "ALLOW_ALL", + "CHECK": "ALLOW_ALL", + "GET": "ALLOW_ALL", + "GET_ATTRIBUTES": "ALLOW_ALL", + "GET_ATTRIBUTE_LIST": "ALLOW_ALL", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_ALL", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "SYMMETRIC_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PUBLIC_KEY": { + "LOCATE": "ALLOW_ALL", + "CHECK": "ALLOW_ALL", + "GET": "ALLOW_ALL", + "GET_ATTRIBUTES": "ALLOW_ALL", + "GET_ATTRIBUTE_LIST": "ALLOW_ALL", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_ALL", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PRIVATE_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "SPLIT_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "TEMPLATE": { + "LOCATE": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER" + }, + "SECRET_DATA": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "OPAQUE_DATA": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + }, + "PGP_KEY": { + "REKEY": "ALLOW_OWNER", + "REKEY_KEY_PAIR": "ALLOW_OWNER", + "DERIVE_KEY": "ALLOW_OWNER", + "LOCATE": "ALLOW_OWNER", + "CHECK": "ALLOW_OWNER", + "GET": "ALLOW_OWNER", + "GET_ATTRIBUTES": "ALLOW_OWNER", + "GET_ATTRIBUTE_LIST": "ALLOW_OWNER", + "ADD_ATTRIBUTE": "ALLOW_OWNER", + "MODIFY_ATTRIBUTE": "ALLOW_OWNER", + "DELETE_ATTRIBUTE": "ALLOW_OWNER", + "OBTAIN_LEASE": "ALLOW_OWNER", + "GET_USAGE_ALLOCATION": "ALLOW_OWNER", + "ACTIVATE": "ALLOW_OWNER", + "REVOKE": "ALLOW_OWNER", + "DESTROY": "ALLOW_OWNER", + "ARCHIVE": "ALLOW_OWNER", + "RECOVER": "ALLOW_OWNER" + } } } }