A role has an a range of administrative scope, i.e. domains and units
| Anchor | ||||
|---|---|---|---|---|
|
Attribute | type | values | default | mandate | comment |
name | string |
|
| true |
|
description | string |
|
| false |
|
|
|
|
|
|
|
permits | coll |
|
| true | Role's permissions |
domains | coll |
|
|
| Managing domains |
users | coll |
|
|
| Assigned users |
groups | coll |
|
|
| Assigned groups |
Permit is a dynamic object with the following attributes:
- scope
- object
- actions
Permit does not have any method.
| Anchor | ||||
|---|---|---|---|---|
|
| Wiki Markup |
|---|
To create a new role, we must specify the name of the role and its administrative scope. On success, the method always returns the internal role id of the newly created role.
Parameters:
\{
"attrs":\{list of attribute value pairs\}
\}
Response:
\{
"error":0,
"result":\{"id":the id of the newly created role\}
\}
\\
+Examples 1:+
Method:/role/create
Parameters:
\{
"attrs":
\{
"name":"sales manager",
"permits":
\[
\{
"scope":"*.*",
"object":"user",
"actions":"create,list,view"
\},
\{
"scope":"D1.U2",
"object":"token",
"actions":"create,delete,view"
\}
\]
\}
\}
Response: \{"error":0, "result":\{"id":1\}\}
\\
+Examples 2:+
Method:/role/create
Parameters:
\{
"attrs":
\{
"name":"token manager",
"domains":\{id:1, id:2\},
"permits":
\[
\{
"scope":"A.?",// the unit the user belongs to
"object":"token",
"actions":"edit,view"
\},
\{
"scope":"A.?",// the unit the user belongs to
"object":"user",
"actions":"view"
\}
\]
\}
\}
Response: \{"error":0, "result":\{"id":1\}\}
\\ |
| Anchor | ||||
|---|---|---|---|---|
|
| Wiki Markup |
|---|
+Examples:+
Method:/role/search
Parameters:
\{
"match":
\[
\["domain.id", "=", 1\]
\],
"return":\["id","name"\],
"sort":"id",
"order":"asc",
"max": 20,
"offset": 10
\}
Response:
\{
"error":0,
"result":
\[
\{
"id",20,
"name":"sales manager",
\},
\{
...
\}
\]
\} |
| Anchor | ||||
|---|---|---|---|---|
|
| Wiki Markup |
|---|
Method:/role/get
\\
+Example 1:+
Parameters:
\{
"match":
\[
\["id", "=", 2\],
\],
"return":
\[
"id",
"name",
\{
"permits":
\[
"size",
\{elements:\["scope","object","actions"\]\}
\]
\}
\]
\}
Response:
\{
"error":0,
"result":
\{
"id":"1",
"name":"sales manager",
"permits":
\{
"size":2,
"elements":
\[
\{
"scope":"*",
"object":"user"
"actions":\["create","delete","view"\]
\},
\{
...
\}
\]
\}
\}
\}
\\ |
| Anchor | ||||
|---|---|---|---|---|
|
Method:/role/set
Parameters:
{
"id":1,
"attrs":{list of attributes}
}
Response:
{
"error":0
}
| Anchor | ||||
|---|---|---|---|---|
|
Method:/role/delete
Parameters:
{
"id":1
}
Response:
{
"error":0
}
| Anchor | ||||
|---|---|---|---|---|
|
| Wiki Markup |
|---|
Method:/role/listActions
Parameters:
\{
"scope":"System" | "Domain" | "Unit
\}
Response:
\{error:0, result:
\{
categories:
\[
\{// category
name:xx,
displayName:xx,
objects:
\[
\{ //object
name:xx,
displayName:xx,
actions:
\[
\{ // action
name:xx,
displayName:xx
\}
\]
\}
\]
\}
\],
objects:
\[
\{ //object
name:'*',
displayName:'All Objects',
actions:
\[
\{ // action
name:
displayName:
\}
\\
\]
\}
\]
\}
\} |