You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Registry models are built on a basic CRUD model, however Registry implements additional logic in many places. This document provides a "contract" for these application (or "domain" or "business") rules that follows Semantic Versioning (beginning with Registry v5.0.0). ie: Rules documented here will not change in a backward-incompatible way between minor Registry versions.

General Model Rules (GMRs)

  1. Once an entity is created within a CO, it cannot be moved to another CO.
  2. Foreign keys from one entity to another cannot cross COs.

API User

  1. API Users created in the COmanage CO (CO #1) have full access to the Registry API.
  2. API Users created in other COs may be privileged, in which case they have full access to the Registry API for that CO, or unprivileged, in which case access most be contextually granted.
  3. For namespacing purposes, API Users are named with a prefix consisting of the string co_#. (the letters co, an underscore, the numeric ID of the CO, and a dot). API usernames must be unique across the entire platform.
  4. API Keys for API Users cannot be directly set, only generated.

CO

  1. Deleting a CO will cause a hard delete of all CO related data.
  2. The CO named COmanage cannot be rename, deleted, or suspended.
  3. Two COs cannot share the same name.
  4. Duplicating a CO will duplicate configuration related objects (such as COUs, Groups, and Enrollment Flows) but not data related objects (such as People and Group Memberships).
  5. A CO cannot be deleted if it is in Active status.

COU

  1. A COU may not be deleted if it has any members (ie: People with a Person Role with the specified COU).
  2. A COU may not be deleted if it has any children.
  3. Two COUs within the same CO cannot share the same name.
  4. When a COU is created, the special groups associated with the COU will also be created.
  5. If a COU is renamed, the special groups associated with the COU will also be renamed.

Name

  1. Exactly one Name for each Person and External Identity must be designated as Primary at all times.
  2. If a display name value is provided for any Name, it will be used within Registry whenever a full name representation of that Name is required.
  3. If a full name is constructed from the various Name components, by default the components will be assembled as givenmiddlefamilysuffix. However, for Names with a language set to hujakoza-Hans, or za-Hant, the components will be assembled as familygiven.
  4. Each Person and External Identity must have at least one Name.

Type

  1. When a new CO is created, the default Types will be instantiated into the CO. Afterwards, available Types are only updated by administrator action.
  2. A Type cannot be deleted once it has been used by at least one Registry object, even if that object is subsequently deleted.
  3. A Suspended Type can not be assigned to new Registry objects, but existing objects already referencing it will not be changed.
  • No labels