Overview
The COmanage Registry Data Model revolves around the CO Person, which conceptually represents one person associated with a CO.
- In order for a person to become a CO Person, they must first have at least one Org Identity, which conceptually represents their identity as asserted by a "home" institution, such as their university or a social identity provider.
- A CO Person record is created and one or more Org Identities are linked to it. The CO Person record maintains information that is unique to a person within the CO, such as names and identifiers.
- A CO Person may have one or more CO Person Roles within the CO. A CO Person Role record maintains information that is unique to a role a person has within a CO, such as title and physical address.
Tables
Additional Columns
In addition to the column definitions available for each table below, all tables have additional columns used by the framework and supporting code. These columns include:
- Timestamps managed by Cake (created, modified)
- Columns used in support of Changelog Behavior
Table Name | Description | Status |
---|---|---|
Addresses | Tentative | |
API (Programmatic) Users | To be refactored | |
Known applications | Not implemented | |
CMP enrollment attribute configuration | Tentative | |
CMP enrollment configuration | Tentative | |
Per-CO configured applications | Not implemented | |
Per-CO Changelog provisioning target configurations | Tentative | |
Per-CO restrictions on publishing of directory information | Not implemented | |
Per-CO enrollment flow attribute configurations | Tentative | |
Default values for CO enrollment flow attributes configuration | Tentative | |
Per-CO enrollment flow configurations | Tentative | |
Per-CO expiration policies | Tentative | |
Per-CO extended attributes | Tentative | |
Per-CO attribute type configurations | Tentative | |
Per-CO FIFER services | Not implemented | |
Per-CO GitHub provisioning target configurations | Tentative | |
Per-CO per-Grouper target Grouper group map | Tentative | |
Per-CO Grouper provisioning target configurations | Tentative | |
Per-CO groups | Tentative | |
Per-CO group memberships | Tentative | |
Per-CO Home Directory provisioning target configurations | Experimental | |
Per-CO rules for identifier assignment | Tentative | |
Per-CO invitations to join | To be refactored | |
Per-CO per-LDAP target attribute grouping definitions | Tentative | |
Per-CO per-LDAP target attribute definitions | Tentative | |
Per-CO per-LDAP target DN map | Tentative | |
Per-CO LDAP provisioning target configurations | Tentative | |
Per-CO Text Localizations | Tentative | |
Per-Identifier tracking of assigned name-based sequences | Obsolete | |
Per-CO Navigation Links | Tentative | |
Per-CO Notifications | Tentative | |
Demographics for statistics | Tentative | |
Per-CO link to org identity | Tentative | |
Per-CO person identity | Tentative | |
Per-CO person role identity | Tentative | |
Per-CO link from person to org person | Obsolete as of v0.2 | |
Per-CO enrollment petition attributes | Tentative | |
Per-CO enrollment petition history records | Tentative | |
Per-CO enrollment petitions | Tentative | |
Per-CO provisioning target export record | Tentative | |
Per-CO provisioning events to process | Tentative | |
Per-CO provisioning targets | Tentative | |
Per-CO person role assignments | Not implemented | |
Per-CO group memberships implied by role | Not implemented | |
Per-CO role definitions | Not implemented | |
Per-CO self service permissions | Tentative | |
Per-Identifier tracking of next values for sequentially assigned identifiers | Tentative | |
Per-CO Settings | Tentative | |
Per-CO Person agreements to terms and conditions | Tentative | |
Per-CO terms and conditions | Tentative | |
COordinate configuration values | Not implemented | |
Definitions of (virtual) organizations | Tentative | |
Definitions of (virtual) organization units | Tentative | |
Demographics | Tentative | |
Email Addresses | Tentative | |
Transaction history (human readable) | Tentative | |
Person identifiers, from organizational source | Tentative | |
cm_meta | Meta (platform) information | Tentative |
Names | Tentative | |
Navigation Links | Tentative | |
Person identity, from organizational source | Tentative | |
Definitions of (real) organizations | To be refactored | |
Permissions for COordinate | Not implemented | |
SSH keys | Tentative | |
Telephone numbers | Tentative |
- View All Tables in a list or as a high-level ERD.
- Auditing: If enabled, each table will have a corresponding cma_ table, with an additional timestamp column, that holds all previous values.
Data | Potential Storage |
---|---|
Applications | SQL, LDAP?, Config file? |
Changelog | SQL, Log files |
Groups | SQL, Grouper |
History | SQL, Log files |
Invites | SQL, LDAP? |
Mailing Lists | Mailman, Sympa, /etc/aliases, etc |
Monitoring | Nagios, etc |
Organizations | SQL, LDAP |
People | SQL, LDAP |
Permissions | SQL, Grouper, Config file? |
Reports | JasperReports, etc |
Roles | SQL, Grouper |