Documentation
Data Field Reference
role

role

References one or more Cavaliba roles. Allows assigning permissions and responsibilities through role definitions.

dataformat: role 

  MYFIELD:
      dataformat: role

dataformat_ext

Not used - Role fields have no extended options. The field automatically references all roles in the system.

Values

Field contains role identifiers as strings. References SireneRole objects in the system.

Multivalue

Multi-value is supported for assigning multiple roles.

## SCHEMA
MYROLES:
      dataformat: role
      cardinal_max: 0

## INSTANCE multi-valued
  MYROLES: [editor, reviewer, admin]

Examples

Schema Definition 

- classname: _schema
  keyname: person
  primary_role:
    dataformat: role
    displayname: Primary Role
    description: Primary role assignment

Instance Example 

- classname: person
  keyname: john_smith
  primary_role: developer

Role Structure

Roles contain:

  • Permissions: Granular permissions (e.g., p_data_create, p_data_read)
  • Hierarchy: Can be organized hierarchically (e.g., admin > editor > viewer)
  • Purpose: Define what users can do in the system

Relationship to Users and Groups

  • Users can have roles directly
  • Groups can contain users with specific roles
  • Combined with SireneGroup for team-based access control
  • Used in API authentication (e.g., APIKey schema)

Notes

  • References actual roles in the IAM system (SireneRole model)
  • Roles bundle multiple permissions together
  • Useful for permission management and access control
  • Related to the AAA (Authentication, Authorization, Accounting) system
  • Can define hierarchy and inheritance of permissions
  • Commonly used in API keys for access control
groupschema