From fe500315f049f973004eba6c2343be67f31f337b Mon Sep 17 00:00:00 2001 From: Jeremy Price Date: Mon, 9 Aug 2021 15:26:27 +0200 Subject: [PATCH] Accesscontrol update api examples (#37654) * Fix status, add global flags * Check examples are working, correct where they aren't --- docs/sources/http_api/access_control.md | 52 ++++++++++++++----------- 1 file changed, 30 insertions(+), 22 deletions(-) diff --git a/docs/sources/http_api/access_control.md b/docs/sources/http_api/access_control.md index cbb021dde4b..3937fb72294 100644 --- a/docs/sources/http_api/access_control.md +++ b/docs/sources/http_api/access_control.md @@ -26,10 +26,11 @@ Returns an indicator to check if fine-grained access control is enabled or not. | -------------------- | ---------------------- | | status:accesscontrol | services:accesscontrol | + #### Example request ```http -GET /api/access-control/check +GET /api/access-control/status Accept: application/json Content-Type: application/json ``` @@ -61,6 +62,7 @@ Content-Type: application/json; charset=UTF-8 `GET /api/access-control/roles` Gets all existing roles. The response contains all global and organization local roles, for the organization which user is signed in. + Refer to the [Role scopes]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) for more information. #### Required permissions @@ -254,6 +256,7 @@ Content-Type: application/json; charset=UTF-8 #### Status codes + | Code | Description | | ---- | ---------------------------------------------------------------------------------- | | 200 | Role is updated. | @@ -276,6 +279,7 @@ For example, if a user does not have required permissions for creating users, th | ----------- | -------------------- | | roles:write | permissions:delegate | + #### Example request ```http @@ -284,16 +288,17 @@ Accept: application/json Content-Type: application/json { - "version": 2, - "name": "custom:delete:create:roles", - "description": "My custom role which gives users permissions to delete and create roles", + "version": 3, + "name": "custom:delete:write:roles", + "description": "My custom role which gives users permissions to delete and write roles", + "global": true, "permissions": [ { "action": "roles:delete", "scope": "permissions:delegate" }, - { - "action": "roles:create", + { + "action": "roles:write", "scope": "permissions:delegate" } ] @@ -323,25 +328,27 @@ HTTP/1.1 200 OK Content-Type: application/json; charset=UTF-8 { - "version": 3, - "name": "custom:delete:create:roles", - "description": "My custom role which gives users permissions to delete and create roles", - "permissions": [ + "version":3, + "uid":"jZrmlLCGka", + "name":"custom:delete:write:roles", + "description":"My custom role which gives users permissions to delete and write roles", + "permissions":[ { - "action": "roles:delete", - "scope": "permissions:delegate", - "updated": "2021-05-13T23:19:46.546146+02:00", - "created": "2021-05-13T23:19:46.546146+02:00" + "action":"roles:delete", + "scope":"permissions:delegate", + "updated":"2021-08-06T18:27:40+02:00", + "created":"2021-08-06T18:27:40+02:00" }, - { - "action": "roles:create", - "scope": "permissions:delegate", - "updated": "2021-05-13T23:19:46.546146+02:00", - "created": "2021-05-13T23:19:46.546146+02:00" + { + "action":"roles:write", + "scope":"permissions:delegate", + "updated":"2021-08-06T18:27:41+02:00", + "created":"2021-08-06T18:27:41+02:00" } ], - "updated": "2021-05-13T23:19:46.540987+02:00", - "created": "2021-05-13T23:19:46.540986+02:00" + "updated":"2021-08-06T18:27:41+02:00", + "created":"2021-08-06T18:27:40+02:00", + "global":true } ``` @@ -370,10 +377,11 @@ For example, if a user does not have required permissions for creating users, th | ------------ | -------------------- | | roles:delete | permissions:delegate | + #### Example request ```http -DELETE /api/access-control/roles/jZrmlLCGka?force=true +DELETE /api/access-control/roles/jZrmlLCGka?force=true&global=true Accept: application/json ```