A role has an a range of administrative scope, i.e. domains and units
Attribute |
type |
values |
default |
mandate |
comment |
name |
string |
|
|
true |
|
description |
string |
|
|
false |
|
|
|
|
|
|
|
permits |
coll |
|
|
true |
Role's permissions |
domains |
coll |
|
|
|
Managing domains |
users |
coll |
|
|
|
Assigned users |
groups |
coll |
|
|
|
Assigned groups |
Permit is a dynamic object with the following attributes:
Permit does not have any method.
To create a new role, we must specify the name of the role and its administrative scope. On success, the method always returns the internal role id of the newly created role. Parameters: \{ "attrs":\{list of attribute value pairs\} \} Response: \{ "error":0, "result":\{"id":the id of the newly created role\} \} \\ +Examples 1:+ Method:/role/create Parameters: \{ "attrs": \{ "name":"sales manager", "permits": \[ \{ "scope":"*.*", "object":"user", "actions":"create,list,view" \}, \{ "scope":"D1.U2", "object":"token", "actions":"create,delete,view" \} \] \} \} Response: \{"error":0, "result":\{"id":1\}\} \\ +Examples 2:+ Method:/role/create Parameters: \{ "attrs": \{ "name":"token manager", "domains":\{id:1, id:2\}, "permits": \[ \{ "scope":"A.?",// the unit the user belongs to "object":"token", "actions":"edit,view" \}, \{ "scope":"A.?",// the unit the user belongs to "object":"user", "actions":"view" \} \] \} \} Response: \{"error":0, "result":\{"id":1\}\} \\ |
+Examples:+ Method:/role/search Parameters: \{ "match": \[ \["domain.id", "=", 1\] \], "return":\["id","name"\], "sort":"id", "order":"asc", "max": 20, "offset": 10 \} Response: \{ "error":0, "result": \[ \{ "id",20, "name":"sales manager", \}, \{ ... \} \] \} |
Method:/role/get \\ +Example 1:+ Parameters: \{ "match": \[ \["id", "=", 2\], \], "return": \[ "id", "name", \{ "permits": \[ "size", \{elements:\["scope","object","actions"\]\} \] \} \] \} Response: \{ "error":0, "result": \{ "id":"1", "name":"sales manager", "permits": \{ "size":2, "elements": \[ \{ "scope":"*", "object":"user" "actions":\["create","delete","view"\] \}, \{ ... \} \] \} \} \} \\ |
Method:/role/set
Parameters:
{
"id":1,
"attrs":{list of attributes}
}
Response:
{
"error":0
}
Method:/role/delete
Parameters:
{
"id":1
}
Response:
{
"error":0
}
Method:/role/listActions Parameters: \{ "scope":"System" | "Domain" | "Unit \} Response: \{error:0, result: \{ categories: \[ \{// category name:xx, displayName:xx, objects: \[ \{ //object name:xx, displayName:xx, actions: \[ \{ // action name:xx, displayName:xx \} \] \} \] \} \], objects: \[ \{ //object name:'*', displayName:'All Objects', actions: \[ \{ // action name: displayName: \} \\ \] \} \] \} \} |