HyperCube-based Access Control Management System |
All functionalities required to manipulate each data type and to test their values are covered by the language: you can create cubes, add/remove/re-order dimensions, add/remove/update coordinates, create group of coordinates, add and remove members, … |
Important features |
Block of commands |
Commands can be grouped in block and associated with assertions to be checked BEFORE commiting the changes to the repository. |
Explanation of access evaluation |
Along with supporting the classical voting mechanisms (affirmative, unanimous, consensus) and the "get authorities for" verb, the language can provide clear explanations of why an evaluation produces this particular result. eval path { (ID = (ID | EMAIL) ,)* ID = (ID | EMAIL) } (context { (ID = QUOTED ,)* ID = QUOTED })? in ID with (Voter.affirmative | Voter.consensus | Voter.unanimous) (allowsMissingDim)? explain path { (ID = (ID | EMAIL) ,)* ID = (ID | EMAIL) } (context { (ID = QUOTED ,)* ID = QUOTED })? in ID getauthorities { (ID = (ID | EMAIL) ,)* ID = (ID | EMAIL) } (in ID)? |
Export in various format |
Cube, dimension and coordinates can be indivually dumped in various format: CSV, TAB, JSON, XML, RDF and most important HCACMS script language itself. |
Aiming large organizations |
Large set of language verbs are aiming the specific problematic of large organizations like internal re-organisation moving people form one business unit to another one, opening access to a new application to large set of people, … |
For programmer by programmer… |
Programming constructs |
if … else … logical operations AND, OR, XOR, NOT macro definitions with parameters … |
|
|
Examples |
Bootstrap script |
Script executed to create the internal __SYSTEM__ cube on a new DB schema |