<xsd:element name="fileauditedpermissions_item" substitutionGroup="oval-sc:item">
<xsd:annotation>
<xsd:documentation>This item stores the audited access rights of a file that a system access control list (SACL) structure grants to a specified trustee. The trustee's audited access rights are determined checking all access control entries (ACEs) in the SACL. For help with this test see the GetAuditedPermissionsFromAcl() api.</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:complexContent>
<xsd:extension base="oval-sc:ItemType">
<xsd:sequence>
<xsd:element name="path" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This element specifies the absolute path to a file on the machine from which the DACL was retrieved.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititempath" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:path">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the path entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="filename" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1" nillable="true">
<xsd:annotation>
<xsd:documentation>The name of the file. If the nillable attribute is set to true, then the item being represented is the higher directory represented by the path entity. The other items associated with this item would then reflect the values associated with the directory.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfilename" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:filename">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the filename entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_sid" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The trustee_sid entity specifies the SID that associated a user, group, system, or program (such as a Windows service).</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemtrustee_sid" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:trustee_sid">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the trustee_sid entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="trustee_name" type="oval-sc:EntityItemStringType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>This entity has been deprecated and will be removed in version 6.0 of the language.</xsd:documentation>
<xsd:documentation>This element specifies the trustee name associated with this particular SACL. A trustee can be a user, group, or program (such as a Windows service). In a domain environment, trustee names should be identified in the form: "domain\trustee name" For local trustee names use: "computer name\trustee name" For built-in accounts on the system, use the trustee name without a domain. For example: ADMINISTRATOR, SYSTEM, NETWORK_SERVICES, ADMINISTRATORS (group), etc. Note that the built-in trustee names should be all caps as that is how the windows apis return them.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemtrustee_name" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:trustee_name">
<sch:assert test="not(@datatype) or @datatype='string'">item <value-of select="../@id" /> - datatype attribute for the trustee_name entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_delete" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to delete the object.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemstandard_delete" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:standard_delete">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the standard_delete entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_read_control" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to read the information in the object's security descriptor, not including the information in the SACL.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemstandard_read_control" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:standard_read_control">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the standard_read_control entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_dac" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to modify the DACL in the object's security descriptor.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemstandard_write_dac" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:standard_write_dac">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the standard_write_dac entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_write_owner" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>The right to change the owner in the object's security descriptor.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemstandard_write_owner" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:standard_write_owner">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the standard_write_owner entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="standard_synchronize" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Windows NT/2000: The right to use the object for synchronization. This enables a thread to wait until the object is in the signaled state. Some object types do not support this access right.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemstandard_synchronize" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:standard_synchronize">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for thestandard_synchronize entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="access_system_security" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Indicates access to a system access control list (SACL).</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemaccess_system_security" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:access_system_security">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the access_system_security entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_read" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Read access.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemgeneric_read" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:generic_read">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the generic_read entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_write" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Write access.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemgeneric_write" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:generic_write">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the generic_write entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_execute" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Execute access.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemgeneric_execute" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:generic_execute">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the generic_execute entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="generic_all" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Read, write, and execute access.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemgeneric_all" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:generic_all">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the generic_all entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_data" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to read data from the file.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_read_data" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_read_data">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_read_data entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_data" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to write data to the file.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_write_data" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_write_data">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_write_data entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_append_data" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to append data to the file.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_append_data" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_append_data">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_append_data entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_ea" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to read extended attributes.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_read_ea" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_read_ea">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_read_ea entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_ea" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to write extended attributes.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_write_ea" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_write_ea">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_write_ea entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_execute" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to execute a file.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_execute" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_execute">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_execute entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_delete_child" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Right to delete a directory and all the files it contains (its children), even if the files are read-only.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_delete_child" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_delete_child">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_delete_child entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_read_attributes" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to read file attributes.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_read_attributes" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_read_attributes">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_read_attributes entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
<xsd:element name="file_write_attributes" type="win-sc:EntityItemAuditType" minOccurs="0" maxOccurs="1">
<xsd:annotation>
<xsd:documentation>Grants the right to change file attributes.</xsd:documentation>
<xsd:appinfo>
<sch:pattern id="fileaudititemfile_write_attributes" xmlns:sch="http://purl.oclc.org/dsdl/schematron">
<sch:rule context="win-sc:fileauditedpermissions_item/win-sc:file_write_attributes">
<sch:assert test="not(@datatype) or @datatype='string'">item <sch:value-of select="../@id" /> - datatype attribute for the file_write_attributes entity of a fileauditedpermissions_item should be 'string'</sch:assert>
</sch:rule>
</sch:pattern>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:extension>
</xsd:complexContent>
</xsd:complexType>
</xsd:element>
|
XSD Schema Diagram:
