From a9d2108ed04172d2a54a8a317350946c83b0bbde Mon Sep 17 00:00:00 2001 From: sg481n Date: Sat, 23 Sep 2017 14:26:06 +0000 Subject: Update License & modify properties in aaf/authz Updated license file & sitepath modified and O-parent latest added to parent pom of aaf/authz,Javadocs plugin version added & duplicate staging plugin removed. Issue-id: AAF-59 Change-Id: I13a843d1b1868a12b0f0387ff2ba99e516c7601f Signed-off-by: sg481n --- LICENSE | 44 +- authz-batch/pom.xml | 134 +- authz-cass/pom.xml | 33 +- authz-certman/pom.xml | 34 +- authz-client/pom.xml | 41 +- authz-cmd/pom.xml | 33 +- authz-core/pom.xml | 33 +- authz-defOrg/pom.xml | 47 +- authz-fs/pom.xml | 32 +- authz-gui/pom.xml | 44 +- authz-gw/pom.xml | 48 +- authz-service/pom.xml | 80 +- authz-test/pom.xml | 32 +- docs/AAF-API-Documentation.rst | 3206 -------------------- .../AAF-API-Documentation.rst | 3206 ++++++++++++++++++++ docs/index.rst | 8 +- pom.xml | 50 +- 17 files changed, 3452 insertions(+), 3653 deletions(-) delete mode 100644 docs/AAF-API-Documentation.rst create mode 100644 docs/AAF-API-Documentation/AAF-API-Documentation.rst diff --git a/LICENSE b/LICENSE index cd88bf02..b8850837 100644 --- a/LICENSE +++ b/LICENSE @@ -1,23 +1,39 @@ - \ No newline at end of file +*/ \ No newline at end of file diff --git a/authz-batch/pom.xml b/authz-batch/pom.xml index 8b81eb63..af456a33 100644 --- a/authz-batch/pom.xml +++ b/authz-batch/pom.xml @@ -39,6 +39,21 @@ 1.0.0-SNAPSHOT 1.0.0-SNAPSHOT 1.0.0-SNAPSHOT + UTF-8 + false + 3.1.200 + java + jacoco + ${project.build.directory}/surefire-reports + ${project.build.directory}/coverage-reports/jacoco.exec + ${project.build.directory}/coverage-reports/jacoco-it.exec + true + ${project.version} + https://nexus.onap.org + /content/repositories/snapshots/ + /content/repositories/releases/ + /content/repositories/staging/ + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -67,31 +82,6 @@ ${project.cadiVersion} - - - prg.onap.aaf.authz @@ -128,20 +118,7 @@ org.slf4j slf4j-log4j12 - - + @@ -226,22 +203,69 @@ - - - org.apache.maven.plugins - maven-gpg-plugin - 1.5 - - - sign-artifacts - verify - - sign - - - - - + + org.sonatype.plugins + nexus-staging-maven-plugin + 1.6.7 + true + + ${nexusproxy} + 176c31dfe190a + ecomp-staging + + + + org.jacoco + jacoco-maven-plugin + 0.7.7.201606060606 + + true + + org.onap.aaf.* + + + + + pre-unit-test + + prepare-agent + + + ${project.build.directory}/coverage-reports/jacoco.exec + + + + + pre-integration-test + pre-integration-test + + prepare-agent + + + ${project.build.directory}/coverage-reports/jacoco-it.exec + + + + + + merge + + post-integration-test + + + + ${project.build.directory}/coverage-reports + + *.exec + + + + ${project.build.directory}/jacoco-dev.exec + + + + + diff --git a/authz-cass/pom.xml b/authz-cass/pom.xml index eb95e2d4..7c99385e 100644 --- a/authz-cass/pom.xml +++ b/authz-cass/pom.xml @@ -64,7 +64,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -119,10 +119,10 @@ maven-jarsigner-plugin - - + org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -230,33 +230,6 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - diff --git a/authz-certman/pom.xml b/authz-certman/pom.xml index f71d2564..1473a1c8 100644 --- a/authz-certman/pom.xml +++ b/authz-certman/pom.xml @@ -66,7 +66,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -120,6 +120,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -131,7 +132,7 @@ - + @@ -231,32 +232,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-client/pom.xml b/authz-client/pom.xml index 492d7716..6e822e00 100644 --- a/authz-client/pom.xml +++ b/authz-client/pom.xml @@ -73,7 +73,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -104,15 +104,6 @@ src/main/xsd - - org.apache.maven.plugins - maven-compiler-plugin - - 1.6 - 1.6 - - - @@ -159,6 +150,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -268,33 +260,6 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-cmd/pom.xml b/authz-cmd/pom.xml index 197414b9..23066374 100644 --- a/authz-cmd/pom.xml +++ b/authz-cmd/pom.xml @@ -66,7 +66,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -127,6 +127,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -138,7 +139,7 @@ - + @@ -238,33 +239,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - diff --git a/authz-core/pom.xml b/authz-core/pom.xml index 4dbb8d3e..36c72e64 100644 --- a/authz-core/pom.xml +++ b/authz-core/pom.xml @@ -107,10 +107,10 @@ - org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -122,7 +122,7 @@ - + @@ -221,34 +221,7 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-defOrg/pom.xml b/authz-defOrg/pom.xml index efe54315..86bd4b25 100644 --- a/authz-defOrg/pom.xml +++ b/authz-defOrg/pom.xml @@ -67,7 +67,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -93,6 +93,22 @@ + + org.apache.maven.plugins + maven-javadoc-plugin + 2.10.4 + + false + + + + attach-javadocs + + jar + + + + org.sonatype.plugins nexus-staging-maven-plugin @@ -174,33 +190,6 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-fs/pom.xml b/authz-fs/pom.xml index b93e30f4..14d0997b 100644 --- a/authz-fs/pom.xml +++ b/authz-fs/pom.xml @@ -66,7 +66,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -103,6 +103,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -211,32 +212,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-gui/pom.xml b/authz-gui/pom.xml index 8621af4f..0aee3c60 100644 --- a/authz-gui/pom.xml +++ b/authz-gui/pom.xml @@ -36,8 +36,24 @@ true 28 + UTF-8 + false + 1.0.0-SNAPSHOT 1.0.0-SNAPSHOT 1.0.0-SNAPSHOT + 3.1.200 + java + jacoco + ${project.build.directory}/surefire-reports + ${project.build.directory}/coverage-reports/jacoco.exec + ${project.build.directory}/coverage-reports/jacoco-it.exec + true + ${project.version} + https://nexus.onap.org + /content/repositories/snapshots/ + /content/repositories/releases/ + /content/repositories/staging/ + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -152,6 +168,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -163,7 +180,7 @@ - + @@ -241,14 +258,23 @@ - - - - + - - - - + + + ecomp-releases + AAF Release Repository + ${nexusproxy}${releaseNexusPath} + + + ecomp-snapshots + AAF Snapshot Repository + ${nexusproxy}${snapshotNexusPath} + + + ecomp-site + dav:${nexusproxy}${sitePath} + + diff --git a/authz-gw/pom.xml b/authz-gw/pom.xml index 00043f27..64f9ab5e 100644 --- a/authz-gw/pom.xml +++ b/authz-gw/pom.xml @@ -66,7 +66,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -111,7 +111,22 @@ 2.3.1 - + + org.apache.maven.plugins + maven-javadoc-plugin + 2.10.4 + + false + + + + attach-javadocs + + jar + + + + org.apache.maven.plugins maven-source-plugin @@ -207,32 +222,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-service/pom.xml b/authz-service/pom.xml index d589b815..34760557 100644 --- a/authz-service/pom.xml +++ b/authz-service/pom.xml @@ -69,7 +69,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -144,33 +144,7 @@ - - org.apache.maven.plugins - maven-resources-plugin - 2.7 - - - copy-docker-file - package - - copy-resources - - - ${dockerLocation} - true - - - ${basedir}/src/main/resources/docker - true - - **/* - - - - - - - + com.spotify docker-maven-plugin @@ -201,6 +175,26 @@ maven-resources-plugin 2.7 + + copy-docker-file + package + + copy-resources + + + ${dockerLocation} + true + + + ${basedir}/src/main/resources/docker + true + + **/* + + + + + copy-resources-1 validate @@ -375,6 +369,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -487,32 +482,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/authz-test/pom.xml b/authz-test/pom.xml index 7da863fa..17cb314f 100644 --- a/authz-test/pom.xml +++ b/authz-test/pom.xml @@ -68,7 +68,7 @@ /content/repositories/snapshots/ /content/repositories/releases/ /content/repositories/staging/ - /content/sites/site/${project.groupId}/${project.artifactId}/${project.version} + /content/sites/site/org/onap/aaf/authz/${project.artifactId}/${project.version} @@ -143,6 +143,7 @@ org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -252,32 +253,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + diff --git a/docs/AAF-API-Documentation.rst b/docs/AAF-API-Documentation.rst deleted file mode 100644 index 05d516ec..00000000 --- a/docs/AAF-API-Documentation.rst +++ /dev/null @@ -1,3206 +0,0 @@ -AT&T Auth Tool -============== - --------------- - -AAF 2.0 RESTful interface -========================= - --------------- - -Accessing RESTful ------------------ - -AAF RESTful service is secured by the following: - -The Client must utilize HTTP/S. Non Secure HTTP is not acceptable - -The Client MUST supply an Identity validated by one of the following mechanisms - -- Valid Global Login Cookie (CSP) -- BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF -- (Near Future) Application level Certificate & oAuth - -Responses - -Each API Entity listed shows what structure will be accepted by service (ContentType) or responded with by service (Accept). Therefore, use these in making your call. Critical for PUT/POST. - -Each API call may respond with JSON or XML. Choose the ContentType/Accept that has +json after the type for JSON or +xml after the Type for XML - -XSDs for Versions - - -AAF can support multiple Versions of the API. Choose the ContentType/Accept that has the appropriate version=?.? - - -Character Restrictions - -- Character Restrictions must depend on the Enforcement Point used -- Most AAF usage will be AAF Enforcement Point Characters for Instance and Action are: - *a-zA-Z0-9,.()\_-=%* - For Instance, you may declare a multi-dimensional key with : (colon) separator, example: - -Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded - -+--------------------+--------------------+--------------------+--------------------+ -| Entity | Method | Path Info | Description | -+====================+====================+====================+====================+ -| PERMISSION | POST | /authz/perm | Create a | -| | | | Permission | -| | | | | -| | | | Permission | -| | | | consists of: | -| | | | | -| | | | - type - a | -| | | | Namespace | -| | | | qualified | -| | | | identifier | -| | | | specifying what | -| | | | kind of | -| | | | resource is | -| | | | being protected | -| | | | - instance - a | -| | | | key, possibly | -| | | | multi-dimension | -| | | | al, | -| | | | that identifies | -| | | | a specific | -| | | | instance of the | -| | | | type | -| | | | - action - what | -| | | | kind of action | -| | | | is allowed | -| | | | | -| | | | Note: instance and | -| | | | action can be an | -| | | | \* | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/PermReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/PermRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/perm | Set Description | -| | | | for Permission | -| | | | | -| | | | Add Description | -| | | | Data to Perm | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/PermReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/PermRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/perm | Delete a | -| | | | Permission | -| | | | | -| | | | Delete the | -| | | | Permission | -| | | | referenced by | -| | | | PermKey. | -| | | | | -| | | | You cannot | -| | | | normally delete a | -| | | | permission which | -| | | | is still granted | -| | | | to roles, | -| | | | | -| | | | however the | -| | | | "force" property | -| | | | allows you to do | -| | | | just that. To do | -| | | | this: Add | -| | | | | -| | | | 'force=true' as a | -| | | | query parameter. | -| | | | | -| | | | WARNING: Using | -| | | | force will ungrant | -| | | | this permission | -| | | | from all roles. | -| | | | Use with care. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/PermReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/PermRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/perm/:name/ | Delete a | -| | | :type/:action | Permission | -| | | | | -| | | | Delete the | -| | | | Permission | -| | | | referenced by | -| | | | :type :instance | -| | | | :action | -| | | | | -| | | | You cannot | -| | | | normally delete a | -| | | | permission which | -| | | | is still granted | -| | | | to roles, | -| | | | | -| | | | however the | -| | | | "force" property | -| | | | allows you to do | -| | | | just that. To do | -| | | | this: Add | -| | | | | -| | | | 'force=true' as a | -| | | | query parameter | -| | | | | -| | | | WARNING: Using | -| | | | force will ungrant | -| | | | this permission | -| | | | from all roles. | -| | | | Use with care. | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | instance : string | -| | | | (Required) | -| | | | | -| | | | action : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybUt | -| | | | leStqc29uO3E9MS4wO | -| | | | 2NoYXJzZXQ9dXRmLTg | -| | | | 7dmVyc2lvbj0yLjAsY | -| | | | XBwbGljYXRpb24vanN | -| | | | vbjtxPTEuMDt2ZXJza | -| | | | W9uPTIuMCwqLyo7cT0 | -| | | | xLjA=>`__\ applica | -| | | | tion/PermKey+json; | -| | | | q=1.0;charset=utf- | -| | | | 8;version=2.0,appl | -| | | | ication/json;q=1.0 | -| | | | ;version=2.0,\*/\* | -| | | | ;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybUt | -| | | | leSt4bWw7cT0xLjA7Y | -| | | | 2hhcnNldD11dGYtODt | -| | | | 2ZXJzaW9uPTIuMCx0Z | -| | | | Xh0L3htbDtxPTEuMDt | -| | | | 2ZXJzaW9uPTIuMA==> | -| | | | `__\ application/P | -| | | | ermKey+xml;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,text/xml;q= | -| | | | 1.0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/perm/:type/ | Update a | -| | | :instance/:action | Permission | -| | | | | -| | | | Rename the | -| | | | Permission | -| | | | referenced by | -| | | | :type :instance | -| | | | :action, and | -| | | | rename | -| | | | (copy/delete) to | -| | | | the Permission | -| | | | described in | -| | | | PermRequest | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | instance : string | -| | | | (Required) | -| | | | | -| | | | action : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/PermReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/PermRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/perms/:type | Get Permissions by | -| | | | Type | -| | | | | -| | | | List All | -| | | | Permissions that | -| | | | match the :type | -| | | | element of the key | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/perms/:type | Get Permissions by | -| | | /:instance/:action | Key | -| | | | | -| | | | List Permissions | -| | | | that match key; | -| | | | :type, :instance | -| | | | and :action | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | instance : string | -| | | | (Required) | -| | | | | -| | | | action : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/perms/ns/:n | Get PermsByNS | -| | | s | | -| | | | List All | -| | | | Permissions that | -| | | | are in Namespace | -| | | | :ns | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MC4 | -| | | | y>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/perms/role/ | Get Permissions by | -| | | :role | Role | -| | | | | -| | | | List All | -| | | | Permissions that | -| | | | are granted to | -| | | | :role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/perms/user/ | Get Permissions by | -| | | :user | User, Query AAF | -| | | | Perms | -| | | | | -| | | | List All | -| | | | Permissions that | -| | | | match user :user | -| | | | | -| | | | 'user' must be | -| | | | expressed as full | -| | | | identity (ex: | -| | | | id@full.domain.com | -| | | | ) | -| | | | | -| | | | Present Queries as | -| | | | one or more | -| | | | Permissions (see | -| | | | ContentType Links | -| | | | below for format). | -| | | | | -| | | | If the Caller is | -| | | | Granted this | -| | | | specific | -| | | | Permission, and | -| | | | the Permission is | -| | | | valid | -| | | | | -| | | | for the User, it | -| | | | will be included | -| | | | in response | -| | | | Permissions, along | -| | | | with | -| | | | | -| | | | all the normal | -| | | | permissions on the | -| | | | 'GET' version of | -| | | | this call. If it | -| | | | is not | -| | | | | -| | | | valid, or Caller | -| | | | does not have | -| | | | permission to see, | -| | | | it will be removed | -| | | | from the list | -| | | | | -| | | | \*Note: This | -| | | | design allows you | -| | | | to make one call | -| | | | for all expected | -| | | | permissions | -| | | | | -| | | | The permission to | -| | | | be included MUST | -| | | | be: | -| | | | | -| | | | .access\|:[:key]\| | -| | | | | -| | | | examples: | -| | | | | -| | | | com.onap.myns.acces | -| | | | s\|:ns\|write | -| | | | | -| | | | com.onap.myns.acces | -| | | | s\|:role:myrole\|c | -| | | | reate | -| | | | | -| | | | com.onap.myns.acces | -| | | | s\|:perm:mytype:my | -| | | | instance:myaction\ | -| | | | |read | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | user : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/perms/user/ | Get Permissions by | -| | | :user | User | -| | | | | -| | | | List All | -| | | | Permissions that | -| | | | match user :user | -| | | | | -| | | | 'user' must be | -| | | | expressed as full | -| | | | identity (ex: | -| | | | id@full.domain.com | -| | | | ) | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | user : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MC4 | -| | | | y>`__\ application | -| | | | /Perms+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUGVybXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Perms | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| ROLE | POST | /authz/role | Create Role | -| | | | | -| | | | Roles are part of | -| | | | Namespaces | -| | | | | -| | | | Examples: | -| | | | | -| | | | - com.onap.aaf - | -| | | | The team that | -| | | | created and | -| | | | maintains AAF | -| | | | - com.onap.csp - | -| | | | The team that | -| | | | created Global | -| | | | Login | -| | | | | -| | | | Roles do not | -| | | | include implied | -| | | | permissions for an | -| | | | App. Instead, they | -| | | | contain explicit | -| | | | Granted | -| | | | Permissions by any | -| | | | Namespace in AAF | -| | | | (See Permissions) | -| | | | | -| | | | Restrictions on | -| | | | Role Names: | -| | | | | -| | | | - Must start with | -| | | | valid Namespace | -| | | | name, | -| | | | terminated by . | -| | | | (dot/period) | -| | | | - Allowed | -| | | | Characters are | -| | | | a-zA-Z0-9.\_- | -| | | | - role names are | -| | | | Case Sensitive | -| | | | | -| | | | The right | -| | | | questions to ask | -| | | | for defining and | -| | | | populating a Role | -| | | | in AAF, therefore, | -| | | | are: | -| | | | | -| | | | - 'What Job | -| | | | Function does | -| | | | this | -| | | | represent?' | -| | | | - 'Does this | -| | | | person perform | -| | | | this Job | -| | | | Function?' | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/RoleReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/RoleRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/role | Set Description | -| | | | for role | -| | | | | -| | | | Add Description | -| | | | Data to a Role | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/RoleReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/RoleRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/role | Delete Role | -| | | | | -| | | | Delete the Role | -| | | | referenced by | -| | | | RoleKey | -| | | | | -| | | | You cannot | -| | | | normally delete a | -| | | | role which still | -| | | | has permissions | -| | | | granted or users | -| | | | assigned to it, | -| | | | | -| | | | however the | -| | | | "force" property | -| | | | allows you to do | -| | | | just that. To do | -| | | | this: Add | -| | | | 'force=true' | -| | | | | -| | | | as a query | -| | | | parameter. | -| | | | | -| | | | WARNING: Using | -| | | | force will remove | -| | | | all users and | -| | | | permission from | -| | | | this role. Use | -| | | | with care. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/RoleReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/RoleRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/role/:role | Delete Role | -| | | | | -| | | | Delete the Role | -| | | | named :role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZSt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Role+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZSt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Role+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/role/:role/ | Delete Permission | -| | | perm | from Role | -| | | | | -| | | | Ungrant a | -| | | | permission from | -| | | | Role :role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/R | -| | | | olePermRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/RolePermReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/role/perm | Add Permission to | -| | | | Role | -| | | | | -| | | | Grant a Permission | -| | | | to a Role | -| | | | | -| | | | Permission | -| | | | consists of: | -| | | | | -| | | | - type - a | -| | | | Namespace | -| | | | qualified | -| | | | identifier | -| | | | specifying what | -| | | | kind of | -| | | | resource is | -| | | | being protected | -| | | | - instance - a | -| | | | key, possibly | -| | | | multi-dimension | -| | | | al, | -| | | | that identifies | -| | | | a specific | -| | | | instance of the | -| | | | type | -| | | | - action - what | -| | | | kind of action | -| | | | is allowed | -| | | | | -| | | | Note: instance and | -| | | | action can be an | -| | | | \* | -| | | | | -| | | | Note: Using the | -| | | | "force" property | -| | | | will create the | -| | | | Permission, if it | -| | | | doesn't exist AND | -| | | | the requesting ID | -| | | | is allowed to | -| | | | create. It will | -| | | | then grant | -| | | | | -| | | | the permission to | -| | | | the role in one | -| | | | step. To do this: | -| | | | add 'force=true' | -| | | | as a query | -| | | | parameter. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/R | -| | | | olePermRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/RolePermReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/role/perm | Set a Permission's | -| | | | Roles | -| | | | | -| | | | Set a permission's | -| | | | roles to roles | -| | | | given | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/R | -| | | | olePermRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZVB | -| | | | lcm1SZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/RolePermReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/roles/:role | GetRolesByFullName | -| | | | | -| | | | List Roles that | -| | | | match :role | -| | | | | -| | | | Note: You must | -| | | | have permission to | -| | | | see any given role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Roles+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Roles | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/roles/name/ | GetRolesByNameOnly | -| | | :name | | -| | | | List all Roles for | -| | | | only the Name of | -| | | | Role (without | -| | | | Namespace) | -| | | | | -| | | | Note: You must | -| | | | have permission to | -| | | | see any given role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | name : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Roles+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Roles | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/roles/ns/:n | GetRolesByNS | -| | | s | | -| | | | List all Roles for | -| | | | the Namespace :ns | -| | | | | -| | | | Note: You must | -| | | | have permission to | -| | | | see any given role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MC4 | -| | | | y>`__\ application | -| | | | /Roles+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Roles | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/roles/perm/ | GetRolesByPerm | -| | | :type/:instance/:a | | -| | | ction | Find all Roles | -| | | | containing the | -| | | | given | -| | | | Permission.Permiss | -| | | | ion | -| | | | consists of: | -| | | | | -| | | | - type - a | -| | | | Namespace | -| | | | qualified | -| | | | identifier | -| | | | specifying what | -| | | | kind of | -| | | | resource is | -| | | | being protected | -| | | | - instance - a | -| | | | key, possibly | -| | | | multi-dimension | -| | | | al, | -| | | | that identifies | -| | | | a specific | -| | | | instance of the | -| | | | type | -| | | | - action - what | -| | | | kind of action | -| | | | is allowed | -| | | | | -| | | | Notes: instance | -| | | | and action can be | -| | | | an \* | -| | | | | -| | | | You must have | -| | | | permission to see | -| | | | any given role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | instance : string | -| | | | (Required) | -| | | | | -| | | | action : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Roles+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Roles | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/roles/user/ | GetRolesByUser | -| | | :name | | -| | | | List all Roles | -| | | | that match user | -| | | | :name | -| | | | | -| | | | 'user' must be | -| | | | expressed as full | -| | | | identity (ex: | -| | | | id@full.domain.com | -| | | | ) | -| | | | | -| | | | Note: You must | -| | | | have permission to | -| | | | see any given role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | name : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Roles+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vUm9sZXM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Roles | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/userRole | Request User Role | -| | | | Access | -| | | | | -| | | | Create a UserRole | -| | | | relationship (add | -| | | | User to Role) | -| | | | | -| | | | A UserRole is an | -| | | | object | -| | | | Representation of | -| | | | membership of a | -| | | | Role for limited | -| | | | time. | -| | | | | -| | | | If a shorter | -| | | | amount of time for | -| | | | Role ownership is | -| | | | required, use the | -| | | | 'End' field. | -| | | | | -| | | | \*\* Note: Owners | -| | | | of Namespaces will | -| | | | be required to | -| | | | revalidate users | -| | | | in these roles | -| | | | | -| | | | before Expirations | -| | | | expire. Namespace | -| | | | owners will be | -| | | | notified by email. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/U | -| | | | serRoleRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/UserRoleReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/userRole/:u | Get if User is In | -| | | ser/:role | Role | -| | | | | -| | | | Returns the User | -| | | | (with Expiration | -| | | | date from listed | -| | | | User/Role) if it | -| | | | exists | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | user : string | -| | | | (Required) | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Users+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Users | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/userRole/:u | Delete User Role | -| | | ser/:role | | -| | | | Remove Role :role | -| | | | from User :user. | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | user : string | -| | | | (Required) | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/userRole/ex | Extend Expiration | -| | | tend/:user/:role | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/userRole/ro | Update Users for a | -| | | le | role | -| | | | | -| | | | Set a Role's users | -| | | | to the users | -| | | | specified in the | -| | | | UserRoleRequest | -| | | | object. | -| | | | | -| | | | WARNING: Users | -| | | | supplied will be | -| | | | the ONLY users | -| | | | attached to this | -| | | | role | -| | | | | -| | | | If no users are | -| | | | supplied, role's | -| | | | users are reset. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/U | -| | | | serRoleRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/UserRoleReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/userRole/us | Update Roles for a | -| | | er | user | -| | | | | -| | | | Set a User's roles | -| | | | to the roles | -| | | | specified in the | -| | | | UserRoleRequest | -| | | | object. | -| | | | | -| | | | WARNING: Roles | -| | | | supplied will be | -| | | | the ONLY roles | -| | | | attached to this | -| | | | user | -| | | | | -| | | | If no roles are | -| | | | supplied, user's | -| | | | roles are reset. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K2pzb | -| | | | 247cT0xLjA7Y2hhcnN | -| | | | ldD11dGYtODt2ZXJza | -| | | | W9uPTIuMCxhcHBsaWN | -| | | | hdGlvbi9qc29uO3E9M | -| | | | S4wO3ZlcnNpb249Mi4 | -| | | | wLCovKjtxPTEuMA==> | -| | | | `__\ application/U | -| | | | serRoleRequest+jso | -| | | | n;q=1.0;charset=ut | -| | | | f-8;version=2.0,ap | -| | | | plication/json;q=1 | -| | | | .0;version=2.0,\*/ | -| | | | \*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVSZXF1ZXN0K3htb | -| | | | DtxPTEuMDtjaGFyc2V | -| | | | 0PXV0Zi04O3ZlcnNpb | -| | | | 249Mi4wLHRleHQveG1 | -| | | | sO3E9MS4wO3ZlcnNpb | -| | | | 249Mi4w>`__\ appli | -| | | | cation/UserRoleReq | -| | | | uest+xml;q=1.0;cha | -| | | | rset=utf-8;version | -| | | | =2.0,text/xml;q=1. | -| | | | 0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/userRoles/r | Get UserRoles by | -| | | ole/:role | Role | -| | | | | -| | | | List all Users | -| | | | that are attached | -| | | | to Role specified | -| | | | in :role | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVzK2pzb247cT0xL | -| | | | jA7Y2hhcnNldD11dGY | -| | | | tODt2ZXJzaW9uPTIuM | -| | | | CxhcHBsaWNhdGlvbi9 | -| | | | qc29uO3E9MS4wO3Zlc | -| | | | nNpb249Mi4wLCovKjt | -| | | | xPTAuMg==>`__\ app | -| | | | lication/UserRoles | -| | | | +json;q=1.0;charse | -| | | | t=utf-8;version=2. | -| | | | 0,application/json | -| | | | ;q=1.0;version=2.0 | -| | | | ,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVzK3htbDtxPTEuM | -| | | | DtjaGFyc2V0PXV0Zi0 | -| | | | 4O3ZlcnNpb249Mi4wL | -| | | | HRleHQveG1sO3E9MS4 | -| | | | wO3ZlcnNpb249Mi4w> | -| | | | `__\ application/U | -| | | | serRoles+xml;q=1.0 | -| | | | ;charset=utf-8;ver | -| | | | sion=2.0,text/xml; | -| | | | q=1.0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/userRoles/u | Get UserRoles by | -| | | ser/:user | User | -| | | | | -| | | | List all UserRoles | -| | | | for :user | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVzK2pzb247cT0xL | -| | | | jA7Y2hhcnNldD11dGY | -| | | | tODt2ZXJzaW9uPTIuM | -| | | | CxhcHBsaWNhdGlvbi9 | -| | | | qc29uO3E9MS4wO3Zlc | -| | | | nNpb249Mi4wLCovKjt | -| | | | xPTAuMg==>`__\ app | -| | | | lication/UserRoles | -| | | | +json;q=1.0;charse | -| | | | t=utf-8;version=2. | -| | | | 0,application/json | -| | | | ;q=1.0;version=2.0 | -| | | | ,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlclJ | -| | | | vbGVzK3htbDtxPTEuM | -| | | | DtjaGFyc2V0PXV0Zi0 | -| | | | 4O3ZlcnNpb249Mi4wL | -| | | | HRleHQveG1sO3E9MS4 | -| | | | wO3ZlcnNpb249Mi4w> | -| | | | `__\ application/U | -| | | | serRoles+xml;q=1.0 | -| | | | ;charset=utf-8;ver | -| | | | sion=2.0,text/xml; | -| | | | q=1.0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| NAMESPACE | POST | /authz/ns | Create a Namespace | -| | | | | -| | | | Namespace consists | -| | | | of: | -| | | | | -| | | | - name - What you | -| | | | want to call | -| | | | this Namespace | -| | | | - responsible(s) | -| | | | - Person(s) who | -| | | | receive | -| | | | Notifications | -| | | | and approves | -| | | | Requests | -| | | | | -| | | | regarding this | -| | | | Namespace. | -| | | | Companies have | -| | | | Policies as to | -| | | | who may take on | -| | | | | -| | | | this | -| | | | Responsibility. | -| | | | Separate | -| | | | multiple | -| | | | identities with | -| | | | commas | -| | | | | -| | | | - admin(s) - | -| | | | Person(s) who | -| | | | are allowed to | -| | | | make changes on | -| | | | the namespace, | -| | | | | -| | | | including | -| | | | creating Roles, | -| | | | Permissions and | -| | | | Credentials. | -| | | | Separate | -| | | | multiple | -| | | | | -| | | | identities with | -| | | | commas | -| | | | | -| | | | Note: Namespaces | -| | | | are dot-delimited | -| | | | (i.e. | -| | | | com.myCompany.myAp | -| | | | p) | -| | | | and must be | -| | | | | -| | | | created with | -| | | | parent credentials | -| | | | (i.e. To create | -| | | | com.myCompany.myAp | -| | | | p, | -| | | | you must | -| | | | | -| | | | be an admin of | -| | | | com.myCompany or | -| | | | com | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNSZXF | -| | | | 1ZXN0K2pzb247cT0xL | -| | | | jA7Y2hhcnNldD11dGY | -| | | | tODt2ZXJzaW9uPTIuM | -| | | | CxhcHBsaWNhdGlvbi9 | -| | | | qc29uO3E9MS4wO3Zlc | -| | | | nNpb249Mi4wLCovKjt | -| | | | xPTEuMA==>`__\ app | -| | | | lication/NsRequest | -| | | | +json;q=1.0;charse | -| | | | t=utf-8;version=2. | -| | | | 0,application/json | -| | | | ;q=1.0;version=2.0 | -| | | | ,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNSZXF | -| | | | 1ZXN0K3htbDtxPTEuM | -| | | | DtjaGFyc2V0PXV0Zi0 | -| | | | 4O3ZlcnNpb249Mi4wL | -| | | | HRleHQveG1sO3E9MS4 | -| | | | wO3ZlcnNpb249Mi4w> | -| | | | `__\ application/N | -| | | | sRequest+xml;q=1.0 | -| | | | ;charset=utf-8;ver | -| | | | sion=2.0,text/xml; | -| | | | q=1.0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/ns | Set a Description | -| | | | for a Namespace | -| | | | | -| | | | Replace the | -| | | | Current | -| | | | Description of a | -| | | | Namespace with a | -| | | | new one | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNSZXF | -| | | | 1ZXN0K2pzb247cT0xL | -| | | | jA7Y2hhcnNldD11dGY | -| | | | tODt2ZXJzaW9uPTIuM | -| | | | CxhcHBsaWNhdGlvbi9 | -| | | | qc29uO3E9MS4wO3Zlc | -| | | | nNpb249Mi4wLCovKjt | -| | | | xPTEuMA==>`__\ app | -| | | | lication/NsRequest | -| | | | +json;q=1.0;charse | -| | | | t=utf-8;version=2. | -| | | | 0,application/json | -| | | | ;q=1.0;version=2.0 | -| | | | ,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNSZXF | -| | | | 1ZXN0K3htbDtxPTEuM | -| | | | DtjaGFyc2V0PXV0Zi0 | -| | | | 4O3ZlcnNpb249Mi4wL | -| | | | HRleHQveG1sO3E9MS4 | -| | | | wO3ZlcnNpb249Mi4w> | -| | | | `__\ application/N | -| | | | sRequest+xml;q=1.0 | -| | | | ;charset=utf-8;ver | -| | | | sion=2.0,text/xml; | -| | | | q=1.0;version=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/ns/:ns | Delete a Namespace | -| | | | | -| | | | Delete the | -| | | | Namespace :ns. | -| | | | Namespaces cannot | -| | | | normally be | -| | | | deleted when there | -| | | | | -| | | | are still | -| | | | credentials | -| | | | associated with | -| | | | them, but they can | -| | | | be deleted by | -| | | | setting | -| | | | | -| | | | the "force" | -| | | | property. To do | -| | | | this: Add | -| | | | 'force=true' as a | -| | | | query parameter | -| | | | | -| | | | WARNING: Using | -| | | | force will delete | -| | | | all credentials | -| | | | attached to this | -| | | | namespace. Use | -| | | | with care. | -| | | | | -| | | | if the "force" | -| | | | property is set to | -| | | | 'force=move', then | -| | | | Permissions and | -| | | | Roles are not | -| | | | deleted,but are | -| | | | retained, and | -| | | | assigned to the | -| | | | Parent Namespace. | -| | | | 'force=move' is | -| | | | not permitted at | -| | | | or below | -| | | | Application Scope | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 424 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/ns/:ns/admi | Add an Admin to a | -| | | n/:id | Namespace | -| | | | | -| | | | Add an Identity | -| | | | :id to the list of | -| | | | Admins for the | -| | | | Namespace :ns | -| | | | | -| | | | Note: :id must be | -| | | | fully qualified | -| | | | | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/ns/:ns/admi | Remove an Admin | -| | | n/:id | from a Namespace | -| | | | | -| | | | Remove an Identity | -| | | | :id from the list | -| | | | of Admins for the | -| | | | Namespace :ns | -| | | | | -| | | | Note: :id must be | -| | | | fully qualified | -| | | | | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/ns/:ns/attr | delete an | -| | | ib/:key | Attribute from a | -| | | | Namespace | -| | | | | -| | | | Delete an | -| | | | attribute in the | -| | | | Namespace | -| | | | | -| | | | You must be given | -| | | | direct permission | -| | | | for key by AAF | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | key : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/ns/:ns/attr | Add an Attribute | -| | | ib/:key/:value | from a Namespace | -| | | | | -| | | | Create an | -| | | | attribute in the | -| | | | Namespace | -| | | | | -| | | | You must be given | -| | | | direct permission | -| | | | for key by AAF | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | key : string | -| | | | (Required) | -| | | | | -| | | | value : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | PUT | /authz/ns/:ns/attr | update an | -| | | ib/:key/:value | Attribute from a | -| | | | Namespace | -| | | | | -| | | | Update Value on an | -| | | | existing attribute | -| | | | in the Namespace | -| | | | | -| | | | You must be given | -| | | | direct permission | -| | | | for key by AAF | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | key : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authz/ns/:ns/resp | Add a Responsible | -| | | onsible/:id | Identity to a | -| | | | Namespace | -| | | | | -| | | | Add an Identity | -| | | | :id to the list of | -| | | | Responsibles for | -| | | | the Namespace :ns | -| | | | | -| | | | Note: :id must be | -| | | | fully qualified | -| | | | | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 201 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406, 409 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | DELETE | /authz/ns/:ns/resp | Remove a | -| | | onsible/:id | Responsible | -| | | | Identity from | -| | | | Namespace | -| | | | | -| | | | Remove an Identity | -| | | | :id to the list of | -| | | | Responsibles for | -| | | | the Namespace :ns | -| | | | | -| | | | Note: :id must be | -| | | | fully qualified | -| | | | | -| | | | | -| | | | Note: A namespace | -| | | | must have at least | -| | | | 1 responsible | -| | | | party | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | ns : string | -| | | | (Required) | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Void+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVm9pZCt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Void+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/ns/attrib/: | get Ns Key List | -| | | key | From Attribute | -| | | | | -| | | | Read Attributes | -| | | | for Namespace | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | key : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vS2V5cyt | -| | | | qc29uO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsYXBwb | -| | | | GljYXRpb24vanNvbjt | -| | | | xPTEuMDt2ZXJzaW9uP | -| | | | TIuMCwqLyo7cT0xLjA | -| | | | =>`__\ application | -| | | | /Keys+json;q=1.0;c | -| | | | harset=utf-8;versi | -| | | | on=2.0,application | -| | | | /json;q=1.0;versio | -| | | | n=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vS2V5cyt | -| | | | 4bWw7cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCx0ZXh0L | -| | | | 3htbDtxPTEuMDt2ZXJ | -| | | | zaW9uPTIuMA==>`__\ | -| | | | application/Keys+ | -| | | | xml;q=1.0;charset= | -| | | | utf-8;version=2.0, | -| | | | text/xml;q=1.0;ver | -| | | | sion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/nss/:id | Return Information | -| | | | about Namespaces | -| | | | | -| | | | Lists the | -| | | | Admin(s), | -| | | | Responsible | -| | | | Party(s), Role(s), | -| | | | Permission(s) | -| | | | | -| | | | Credential(s) and | -| | | | Expiration of | -| | | | Credential(s) in | -| | | | Namespace :id | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK2p | -| | | | zb247cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCxhcHBsa | -| | | | WNhdGlvbi9qc29uO3E | -| | | | 9MS4wO3ZlcnNpb249M | -| | | | i4wLCovKjtxPTEuMA= | -| | | | =>`__\ application | -| | | | /Nss+json;q=1.0;ch | -| | | | arset=utf-8;versio | -| | | | n=2.0,application/ | -| | | | json;q=1.0;version | -| | | | =2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK3h | -| | | | tbDtxPTEuMDtjaGFyc | -| | | | 2V0PXV0Zi04O3ZlcnN | -| | | | pb249Mi4wLHRleHQve | -| | | | G1sO3E9MS4wO3ZlcnN | -| | | | pb249Mi4w>`__\ app | -| | | | lication/Nss+xml;q | -| | | | =1.0;charset=utf-8 | -| | | | ;version=2.0,text/ | -| | | | xml;q=1.0;version= | -| | | | 2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/nss/admin/: | Return Namespaces | -| | | user | where User is an | -| | | | Admin | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK2p | -| | | | zb247cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCxhcHBsa | -| | | | WNhdGlvbi9qc29uO3E | -| | | | 9MS4wO3ZlcnNpb249M | -| | | | i4wLCovKjtxPTEuMA= | -| | | | =>`__\ application | -| | | | /Nss+json;q=1.0;ch | -| | | | arset=utf-8;versio | -| | | | n=2.0,application/ | -| | | | json;q=1.0;version | -| | | | =2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK3h | -| | | | tbDtxPTEuMDtjaGFyc | -| | | | 2V0PXV0Zi04O3ZlcnN | -| | | | pb249Mi4wLHRleHQve | -| | | | G1sO3E9MS4wO3ZlcnN | -| | | | pb249Mi4w>`__\ app | -| | | | lication/Nss+xml;q | -| | | | =1.0;charset=utf-8 | -| | | | ;version=2.0,text/ | -| | | | xml;q=1.0;version= | -| | | | 2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/nss/childre | Return Child | -| | | n/:id | Namespaces | -| | | | | -| | | | Lists all Child | -| | | | Namespaces of | -| | | | Namespace :id | -| | | | | -| | | | Note: This is not | -| | | | a cached read | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | id : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK2p | -| | | | zb247cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCxhcHBsa | -| | | | WNhdGlvbi9qc29uO3E | -| | | | 9MS4wO3ZlcnNpb249M | -| | | | i4wLCovKjtxPTEuMA= | -| | | | =>`__\ application | -| | | | /Nss+json;q=1.0;ch | -| | | | arset=utf-8;versio | -| | | | n=2.0,application/ | -| | | | json;q=1.0;version | -| | | | =2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK3h | -| | | | tbDtxPTEuMDtjaGFyc | -| | | | 2V0PXV0Zi04O3ZlcnN | -| | | | pb249Mi4wLHRleHQve | -| | | | G1sO3E9MS4wO3ZlcnN | -| | | | pb249Mi4w>`__\ app | -| | | | lication/Nss+xml;q | -| | | | =1.0;charset=utf-8 | -| | | | ;version=2.0,text/ | -| | | | xml;q=1.0;version= | -| | | | 2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/nss/either/ | Return Namespaces | -| | | :user | where User Admin | -| | | | or Owner | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK2p | -| | | | zb247cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCxhcHBsa | -| | | | WNhdGlvbi9qc29uO3E | -| | | | 9MS4wO3ZlcnNpb249M | -| | | | i4wLCovKjtxPTAuOA= | -| | | | =>`__\ application | -| | | | /Nss+json;q=1.0;ch | -| | | | arset=utf-8;versio | -| | | | n=2.0,application/ | -| | | | json;q=1.0;version | -| | | | =2.0,\*/\*;q=0.8 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK3h | -| | | | tbDtxPTEuMDtjaGFyc | -| | | | 2V0PXV0Zi04O3ZlcnN | -| | | | pb249Mi4wLHRleHQve | -| | | | G1sO3E9MS4wO3ZlcnN | -| | | | pb249Mi4w>`__\ app | -| | | | lication/Nss+xml;q | -| | | | =1.0;charset=utf-8 | -| | | | ;version=2.0,text/ | -| | | | xml;q=1.0;version= | -| | | | 2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/nss/respons | Return Namespaces | -| | | ible/:user | where User is | -| | | | Responsible | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK2p | -| | | | zb247cT0xLjA7Y2hhc | -| | | | nNldD11dGYtODt2ZXJ | -| | | | zaW9uPTIuMCxhcHBsa | -| | | | WNhdGlvbi9qc29uO3E | -| | | | 9MS4wO3ZlcnNpb249M | -| | | | i4wLCovKjtxPTEuMA= | -| | | | =>`__\ application | -| | | | /Nss+json;q=1.0;ch | -| | | | arset=utf-8;versio | -| | | | n=2.0,application/ | -| | | | json;q=1.0;version | -| | | | =2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vTnNzK3h | -| | | | tbDtxPTEuMDtjaGFyc | -| | | | 2V0PXV0Zi04O3ZlcnN | -| | | | pb249Mi4wLHRleHQve | -| | | | G1sO3E9MS4wO3ZlcnN | -| | | | pb249Mi4w>`__\ app | -| | | | lication/Nss+xml;q | -| | | | =1.0;charset=utf-8 | -| | | | ;version=2.0,text/ | -| | | | xml;q=1.0;version= | -| | | | 2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| USER | GET | /authn/basicAuth | Is given BasicAuth | -| | | | valid? | -| | | | | -| | | | !!!! DEPRECATED | -| | | | without X509 | -| | | | Authentication | -| | | | STOP USING THIS | -| | | | API BY DECEMBER | -| | | | 2017, or use | -| | | | Certificates !!!! | -| | | | Use | -| | | | /authn/validate | -| | | | instead Note: | -| | | | Validate a | -| | | | Password using | -| | | | BasicAuth Base64 | -| | | | encoded Header. | -| | | | This HTTP/S call | -| | | | is intended as a | -| | | | fast User/Password | -| | | | lookup for | -| | | | Security | -| | | | Frameworks, and | -| | | | responds 200 if it | -| | | | passes BasicAuth | -| | | | security, and 403 | -| | | | if it does not. | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403 | -| | | | | -| | | | Accept: | -| | | | | -| | | | text/plain | -+--------------------+--------------------+--------------------+--------------------+ -| | POST | /authn/validate | Is given | -| | | | Credential valid? | -| | | | | -| | | | Validate a | -| | | | Credential given a | -| | | | Credential | -| | | | Structure. This is | -| | | | a more | -| | | | comprehensive | -| | | | validation, can do | -| | | | more than | -| | | | BasicAuth as | -| | | | Credential types | -| | | | exp | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403 | -| | | | | -| | | | ContentType: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vQ3JlZFJ | -| | | | lcXVlc3QranNvbjtxP | -| | | | TEuMDtjaGFyc2V0PXV | -| | | | 0Zi04O3ZlcnNpb249M | -| | | | i4wLGFwcGxpY2F0aW9 | -| | | | uL2pzb247cT0xLjA7d | -| | | | mVyc2lvbj0yLjAsKi8 | -| | | | qO3E9MS4w>`__\ app | -| | | | lication/CredReque | -| | | | st+json;q=1.0;char | -| | | | set=utf-8;version= | -| | | | 2.0,application/js | -| | | | on;q=1.0;version=2 | -| | | | .0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vQ3JlZFJ | -| | | | lcXVlc3QreG1sO3E9M | -| | | | S4wO2NoYXJzZXQ9dXR | -| | | | mLTg7dmVyc2lvbj0yL | -| | | | jAsdGV4dC94bWw7cT0 | -| | | | xLjA7dmVyc2lvbj0yL | -| | | | jA=>`__\ applicati | -| | | | on/CredRequest+xml | -| | | | ;q=1.0;charset=utf | -| | | | -8;version=2.0,tex | -| | | | t/xml;q=1.0;versio | -| | | | n=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/users/:user | Get if User is In | -| | | /:role | Role | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Users+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Users | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/users/perm/ | Get Users By | -| | | :type/:instance/:a | Permission | -| | | ction | | -| | | | List all Users | -| | | | that have | -| | | | Permission | -| | | | specified by :type | -| | | | :instance :action | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | type : string | -| | | | (Required) | -| | | | | -| | | | instance : string | -| | | | (Required) | -| | | | | -| | | | action : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MS4 | -| | | | w>`__\ application | -| | | | /Users+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=1.0 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Users | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ -| | GET | /authz/users/role/ | Get Users By Role | -| | | :role | | -| | | | Returns the User | -| | | | (with Expiration | -| | | | date from listed | -| | | | User/Role) if it | -| | | | exists | -| | | | | -| | | | -------------- | -| | | | | -| | | | Parameters | -| | | | | -| | | | user : string | -| | | | (Required) | -| | | | | -| | | | role : string | -| | | | (Required) | -| | | | | -| | | | Expected HTTP Code | -| | | | | -| | | | 200 | -| | | | | -| | | | Explicit HTTP | -| | | | Error Codes | -| | | | | -| | | | 403, 404, 406 | -| | | | | -| | | | Accept: | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | ranNvbjtxPTEuMDtja | -| | | | GFyc2V0PXV0Zi04O3Z | -| | | | lcnNpb249Mi4wLGFwc | -| | | | GxpY2F0aW9uL2pzb24 | -| | | | 7cT0xLjA7dmVyc2lvb | -| | | | j0yLjAsKi8qO3E9MC4 | -| | | | y>`__\ application | -| | | | /Users+json;q=1.0; | -| | | | charset=utf-8;vers | -| | | | ion=2.0,applicatio | -| | | | n/json;q=1.0;versi | -| | | | on=2.0,\*/\*;q=0.2 | -| | | | | -| | | | ` <./example/YXBwb | -| | | | GljYXRpb24vVXNlcnM | -| | | | reG1sO3E9MS4wO2NoY | -| | | | XJzZXQ9dXRmLTg7dmV | -| | | | yc2lvbj0yLjAsdGV4d | -| | | | C94bWw7cT0xLjA7dmV | -| | | | yc2lvbj0yLjA=>`__\ | -| | | | application/Users | -| | | | +xml;q=1.0;charset | -| | | | =utf-8;version=2.0 | -| | | | ,text/xml;q=1.0;ve | -| | | | rsion=2.0 | -+--------------------+--------------------+--------------------+--------------------+ - diff --git a/docs/AAF-API-Documentation/AAF-API-Documentation.rst b/docs/AAF-API-Documentation/AAF-API-Documentation.rst new file mode 100644 index 00000000..05d516ec --- /dev/null +++ b/docs/AAF-API-Documentation/AAF-API-Documentation.rst @@ -0,0 +1,3206 @@ +AT&T Auth Tool +============== + +-------------- + +AAF 2.0 RESTful interface +========================= + +-------------- + +Accessing RESTful +----------------- + +AAF RESTful service is secured by the following: + +The Client must utilize HTTP/S. Non Secure HTTP is not acceptable + +The Client MUST supply an Identity validated by one of the following mechanisms + +- Valid Global Login Cookie (CSP) +- BASIC AUTH protocol using CSO Registered MechID, provisioned in AAF +- (Near Future) Application level Certificate & oAuth + +Responses + +Each API Entity listed shows what structure will be accepted by service (ContentType) or responded with by service (Accept). Therefore, use these in making your call. Critical for PUT/POST. + +Each API call may respond with JSON or XML. Choose the ContentType/Accept that has +json after the type for JSON or +xml after the Type for XML + +XSDs for Versions + + +AAF can support multiple Versions of the API. Choose the ContentType/Accept that has the appropriate version=?.? + + +Character Restrictions + +- Character Restrictions must depend on the Enforcement Point used +- Most AAF usage will be AAF Enforcement Point Characters for Instance and Action are: + *a-zA-Z0-9,.()\_-=%* + For Instance, you may declare a multi-dimensional key with : (colon) separator, example: + +Ask for a Consultation on how these are typically used, or, if your tool is the only Enforcement Point, if set may be expanded + ++--------------------+--------------------+--------------------+--------------------+ +| Entity | Method | Path Info | Description | ++====================+====================+====================+====================+ +| PERMISSION | POST | /authz/perm | Create a | +| | | | Permission | +| | | | | +| | | | Permission | +| | | | consists of: | +| | | | | +| | | | - type - a | +| | | | Namespace | +| | | | qualified | +| | | | identifier | +| | | | specifying what | +| | | | kind of | +| | | | resource is | +| | | | being protected | +| | | | - instance - a | +| | | | key, possibly | +| | | | multi-dimension | +| | | | al, | +| | | | that identifies | +| | | | a specific | +| | | | instance of the | +| | | | type | +| | | | - action - what | +| | | | kind of action | +| | | | is allowed | +| | | | | +| | | | Note: instance and | +| | | | action can be an | +| | | | \* | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/PermReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/PermRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/perm | Set Description | +| | | | for Permission | +| | | | | +| | | | Add Description | +| | | | Data to Perm | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/PermReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/PermRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/perm | Delete a | +| | | | Permission | +| | | | | +| | | | Delete the | +| | | | Permission | +| | | | referenced by | +| | | | PermKey. | +| | | | | +| | | | You cannot | +| | | | normally delete a | +| | | | permission which | +| | | | is still granted | +| | | | to roles, | +| | | | | +| | | | however the | +| | | | "force" property | +| | | | allows you to do | +| | | | just that. To do | +| | | | this: Add | +| | | | | +| | | | 'force=true' as a | +| | | | query parameter. | +| | | | | +| | | | WARNING: Using | +| | | | force will ungrant | +| | | | this permission | +| | | | from all roles. | +| | | | Use with care. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/PermReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/PermRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/perm/:name/ | Delete a | +| | | :type/:action | Permission | +| | | | | +| | | | Delete the | +| | | | Permission | +| | | | referenced by | +| | | | :type :instance | +| | | | :action | +| | | | | +| | | | You cannot | +| | | | normally delete a | +| | | | permission which | +| | | | is still granted | +| | | | to roles, | +| | | | | +| | | | however the | +| | | | "force" property | +| | | | allows you to do | +| | | | just that. To do | +| | | | this: Add | +| | | | | +| | | | 'force=true' as a | +| | | | query parameter | +| | | | | +| | | | WARNING: Using | +| | | | force will ungrant | +| | | | this permission | +| | | | from all roles. | +| | | | Use with care. | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | instance : string | +| | | | (Required) | +| | | | | +| | | | action : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybUt | +| | | | leStqc29uO3E9MS4wO | +| | | | 2NoYXJzZXQ9dXRmLTg | +| | | | 7dmVyc2lvbj0yLjAsY | +| | | | XBwbGljYXRpb24vanN | +| | | | vbjtxPTEuMDt2ZXJza | +| | | | W9uPTIuMCwqLyo7cT0 | +| | | | xLjA=>`__\ applica | +| | | | tion/PermKey+json; | +| | | | q=1.0;charset=utf- | +| | | | 8;version=2.0,appl | +| | | | ication/json;q=1.0 | +| | | | ;version=2.0,\*/\* | +| | | | ;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybUt | +| | | | leSt4bWw7cT0xLjA7Y | +| | | | 2hhcnNldD11dGYtODt | +| | | | 2ZXJzaW9uPTIuMCx0Z | +| | | | Xh0L3htbDtxPTEuMDt | +| | | | 2ZXJzaW9uPTIuMA==> | +| | | | `__\ application/P | +| | | | ermKey+xml;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,text/xml;q= | +| | | | 1.0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/perm/:type/ | Update a | +| | | :instance/:action | Permission | +| | | | | +| | | | Rename the | +| | | | Permission | +| | | | referenced by | +| | | | :type :instance | +| | | | :action, and | +| | | | rename | +| | | | (copy/delete) to | +| | | | the Permission | +| | | | described in | +| | | | PermRequest | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | instance : string | +| | | | (Required) | +| | | | | +| | | | action : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/PermReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/PermRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/perms/:type | Get Permissions by | +| | | | Type | +| | | | | +| | | | List All | +| | | | Permissions that | +| | | | match the :type | +| | | | element of the key | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/perms/:type | Get Permissions by | +| | | /:instance/:action | Key | +| | | | | +| | | | List Permissions | +| | | | that match key; | +| | | | :type, :instance | +| | | | and :action | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | instance : string | +| | | | (Required) | +| | | | | +| | | | action : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/perms/ns/:n | Get PermsByNS | +| | | s | | +| | | | List All | +| | | | Permissions that | +| | | | are in Namespace | +| | | | :ns | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MC4 | +| | | | y>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/perms/role/ | Get Permissions by | +| | | :role | Role | +| | | | | +| | | | List All | +| | | | Permissions that | +| | | | are granted to | +| | | | :role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/perms/user/ | Get Permissions by | +| | | :user | User, Query AAF | +| | | | Perms | +| | | | | +| | | | List All | +| | | | Permissions that | +| | | | match user :user | +| | | | | +| | | | 'user' must be | +| | | | expressed as full | +| | | | identity (ex: | +| | | | id@full.domain.com | +| | | | ) | +| | | | | +| | | | Present Queries as | +| | | | one or more | +| | | | Permissions (see | +| | | | ContentType Links | +| | | | below for format). | +| | | | | +| | | | If the Caller is | +| | | | Granted this | +| | | | specific | +| | | | Permission, and | +| | | | the Permission is | +| | | | valid | +| | | | | +| | | | for the User, it | +| | | | will be included | +| | | | in response | +| | | | Permissions, along | +| | | | with | +| | | | | +| | | | all the normal | +| | | | permissions on the | +| | | | 'GET' version of | +| | | | this call. If it | +| | | | is not | +| | | | | +| | | | valid, or Caller | +| | | | does not have | +| | | | permission to see, | +| | | | it will be removed | +| | | | from the list | +| | | | | +| | | | \*Note: This | +| | | | design allows you | +| | | | to make one call | +| | | | for all expected | +| | | | permissions | +| | | | | +| | | | The permission to | +| | | | be included MUST | +| | | | be: | +| | | | | +| | | | .access\|:[:key]\| | +| | | | | +| | | | examples: | +| | | | | +| | | | com.onap.myns.acces | +| | | | s\|:ns\|write | +| | | | | +| | | | com.onap.myns.acces | +| | | | s\|:role:myrole\|c | +| | | | reate | +| | | | | +| | | | com.onap.myns.acces | +| | | | s\|:perm:mytype:my | +| | | | instance:myaction\ | +| | | | |read | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | user : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/perms/user/ | Get Permissions by | +| | | :user | User | +| | | | | +| | | | List All | +| | | | Permissions that | +| | | | match user :user | +| | | | | +| | | | 'user' must be | +| | | | expressed as full | +| | | | identity (ex: | +| | | | id@full.domain.com | +| | | | ) | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | user : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MC4 | +| | | | y>`__\ application | +| | | | /Perms+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUGVybXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Perms | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| ROLE | POST | /authz/role | Create Role | +| | | | | +| | | | Roles are part of | +| | | | Namespaces | +| | | | | +| | | | Examples: | +| | | | | +| | | | - com.onap.aaf - | +| | | | The team that | +| | | | created and | +| | | | maintains AAF | +| | | | - com.onap.csp - | +| | | | The team that | +| | | | created Global | +| | | | Login | +| | | | | +| | | | Roles do not | +| | | | include implied | +| | | | permissions for an | +| | | | App. Instead, they | +| | | | contain explicit | +| | | | Granted | +| | | | Permissions by any | +| | | | Namespace in AAF | +| | | | (See Permissions) | +| | | | | +| | | | Restrictions on | +| | | | Role Names: | +| | | | | +| | | | - Must start with | +| | | | valid Namespace | +| | | | name, | +| | | | terminated by . | +| | | | (dot/period) | +| | | | - Allowed | +| | | | Characters are | +| | | | a-zA-Z0-9.\_- | +| | | | - role names are | +| | | | Case Sensitive | +| | | | | +| | | | The right | +| | | | questions to ask | +| | | | for defining and | +| | | | populating a Role | +| | | | in AAF, therefore, | +| | | | are: | +| | | | | +| | | | - 'What Job | +| | | | Function does | +| | | | this | +| | | | represent?' | +| | | | - 'Does this | +| | | | person perform | +| | | | this Job | +| | | | Function?' | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/RoleReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/RoleRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/role | Set Description | +| | | | for role | +| | | | | +| | | | Add Description | +| | | | Data to a Role | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/RoleReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/RoleRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/role | Delete Role | +| | | | | +| | | | Delete the Role | +| | | | referenced by | +| | | | RoleKey | +| | | | | +| | | | You cannot | +| | | | normally delete a | +| | | | role which still | +| | | | has permissions | +| | | | granted or users | +| | | | assigned to it, | +| | | | | +| | | | however the | +| | | | "force" property | +| | | | allows you to do | +| | | | just that. To do | +| | | | this: Add | +| | | | 'force=true' | +| | | | | +| | | | as a query | +| | | | parameter. | +| | | | | +| | | | WARNING: Using | +| | | | force will remove | +| | | | all users and | +| | | | permission from | +| | | | this role. Use | +| | | | with care. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/RoleReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/RoleRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/role/:role | Delete Role | +| | | | | +| | | | Delete the Role | +| | | | named :role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZSt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Role+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZSt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Role+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/role/:role/ | Delete Permission | +| | | perm | from Role | +| | | | | +| | | | Ungrant a | +| | | | permission from | +| | | | Role :role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/R | +| | | | olePermRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/RolePermReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/role/perm | Add Permission to | +| | | | Role | +| | | | | +| | | | Grant a Permission | +| | | | to a Role | +| | | | | +| | | | Permission | +| | | | consists of: | +| | | | | +| | | | - type - a | +| | | | Namespace | +| | | | qualified | +| | | | identifier | +| | | | specifying what | +| | | | kind of | +| | | | resource is | +| | | | being protected | +| | | | - instance - a | +| | | | key, possibly | +| | | | multi-dimension | +| | | | al, | +| | | | that identifies | +| | | | a specific | +| | | | instance of the | +| | | | type | +| | | | - action - what | +| | | | kind of action | +| | | | is allowed | +| | | | | +| | | | Note: instance and | +| | | | action can be an | +| | | | \* | +| | | | | +| | | | Note: Using the | +| | | | "force" property | +| | | | will create the | +| | | | Permission, if it | +| | | | doesn't exist AND | +| | | | the requesting ID | +| | | | is allowed to | +| | | | create. It will | +| | | | then grant | +| | | | | +| | | | the permission to | +| | | | the role in one | +| | | | step. To do this: | +| | | | add 'force=true' | +| | | | as a query | +| | | | parameter. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/R | +| | | | olePermRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/RolePermReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/role/perm | Set a Permission's | +| | | | Roles | +| | | | | +| | | | Set a permission's | +| | | | roles to roles | +| | | | given | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/R | +| | | | olePermRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZVB | +| | | | lcm1SZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/RolePermReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/roles/:role | GetRolesByFullName | +| | | | | +| | | | List Roles that | +| | | | match :role | +| | | | | +| | | | Note: You must | +| | | | have permission to | +| | | | see any given role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Roles+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Roles | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/roles/name/ | GetRolesByNameOnly | +| | | :name | | +| | | | List all Roles for | +| | | | only the Name of | +| | | | Role (without | +| | | | Namespace) | +| | | | | +| | | | Note: You must | +| | | | have permission to | +| | | | see any given role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | name : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Roles+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Roles | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/roles/ns/:n | GetRolesByNS | +| | | s | | +| | | | List all Roles for | +| | | | the Namespace :ns | +| | | | | +| | | | Note: You must | +| | | | have permission to | +| | | | see any given role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MC4 | +| | | | y>`__\ application | +| | | | /Roles+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Roles | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/roles/perm/ | GetRolesByPerm | +| | | :type/:instance/:a | | +| | | ction | Find all Roles | +| | | | containing the | +| | | | given | +| | | | Permission.Permiss | +| | | | ion | +| | | | consists of: | +| | | | | +| | | | - type - a | +| | | | Namespace | +| | | | qualified | +| | | | identifier | +| | | | specifying what | +| | | | kind of | +| | | | resource is | +| | | | being protected | +| | | | - instance - a | +| | | | key, possibly | +| | | | multi-dimension | +| | | | al, | +| | | | that identifies | +| | | | a specific | +| | | | instance of the | +| | | | type | +| | | | - action - what | +| | | | kind of action | +| | | | is allowed | +| | | | | +| | | | Notes: instance | +| | | | and action can be | +| | | | an \* | +| | | | | +| | | | You must have | +| | | | permission to see | +| | | | any given role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | instance : string | +| | | | (Required) | +| | | | | +| | | | action : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Roles+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Roles | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/roles/user/ | GetRolesByUser | +| | | :name | | +| | | | List all Roles | +| | | | that match user | +| | | | :name | +| | | | | +| | | | 'user' must be | +| | | | expressed as full | +| | | | identity (ex: | +| | | | id@full.domain.com | +| | | | ) | +| | | | | +| | | | Note: You must | +| | | | have permission to | +| | | | see any given role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | name : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Roles+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vUm9sZXM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Roles | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/userRole | Request User Role | +| | | | Access | +| | | | | +| | | | Create a UserRole | +| | | | relationship (add | +| | | | User to Role) | +| | | | | +| | | | A UserRole is an | +| | | | object | +| | | | Representation of | +| | | | membership of a | +| | | | Role for limited | +| | | | time. | +| | | | | +| | | | If a shorter | +| | | | amount of time for | +| | | | Role ownership is | +| | | | required, use the | +| | | | 'End' field. | +| | | | | +| | | | \*\* Note: Owners | +| | | | of Namespaces will | +| | | | be required to | +| | | | revalidate users | +| | | | in these roles | +| | | | | +| | | | before Expirations | +| | | | expire. Namespace | +| | | | owners will be | +| | | | notified by email. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/U | +| | | | serRoleRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/UserRoleReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/userRole/:u | Get if User is In | +| | | ser/:role | Role | +| | | | | +| | | | Returns the User | +| | | | (with Expiration | +| | | | date from listed | +| | | | User/Role) if it | +| | | | exists | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | user : string | +| | | | (Required) | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Users+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Users | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/userRole/:u | Delete User Role | +| | | ser/:role | | +| | | | Remove Role :role | +| | | | from User :user. | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | user : string | +| | | | (Required) | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/userRole/ex | Extend Expiration | +| | | tend/:user/:role | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/userRole/ro | Update Users for a | +| | | le | role | +| | | | | +| | | | Set a Role's users | +| | | | to the users | +| | | | specified in the | +| | | | UserRoleRequest | +| | | | object. | +| | | | | +| | | | WARNING: Users | +| | | | supplied will be | +| | | | the ONLY users | +| | | | attached to this | +| | | | role | +| | | | | +| | | | If no users are | +| | | | supplied, role's | +| | | | users are reset. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/U | +| | | | serRoleRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/UserRoleReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/userRole/us | Update Roles for a | +| | | er | user | +| | | | | +| | | | Set a User's roles | +| | | | to the roles | +| | | | specified in the | +| | | | UserRoleRequest | +| | | | object. | +| | | | | +| | | | WARNING: Roles | +| | | | supplied will be | +| | | | the ONLY roles | +| | | | attached to this | +| | | | user | +| | | | | +| | | | If no roles are | +| | | | supplied, user's | +| | | | roles are reset. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K2pzb | +| | | | 247cT0xLjA7Y2hhcnN | +| | | | ldD11dGYtODt2ZXJza | +| | | | W9uPTIuMCxhcHBsaWN | +| | | | hdGlvbi9qc29uO3E9M | +| | | | S4wO3ZlcnNpb249Mi4 | +| | | | wLCovKjtxPTEuMA==> | +| | | | `__\ application/U | +| | | | serRoleRequest+jso | +| | | | n;q=1.0;charset=ut | +| | | | f-8;version=2.0,ap | +| | | | plication/json;q=1 | +| | | | .0;version=2.0,\*/ | +| | | | \*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVSZXF1ZXN0K3htb | +| | | | DtxPTEuMDtjaGFyc2V | +| | | | 0PXV0Zi04O3ZlcnNpb | +| | | | 249Mi4wLHRleHQveG1 | +| | | | sO3E9MS4wO3ZlcnNpb | +| | | | 249Mi4w>`__\ appli | +| | | | cation/UserRoleReq | +| | | | uest+xml;q=1.0;cha | +| | | | rset=utf-8;version | +| | | | =2.0,text/xml;q=1. | +| | | | 0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/userRoles/r | Get UserRoles by | +| | | ole/:role | Role | +| | | | | +| | | | List all Users | +| | | | that are attached | +| | | | to Role specified | +| | | | in :role | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVzK2pzb247cT0xL | +| | | | jA7Y2hhcnNldD11dGY | +| | | | tODt2ZXJzaW9uPTIuM | +| | | | CxhcHBsaWNhdGlvbi9 | +| | | | qc29uO3E9MS4wO3Zlc | +| | | | nNpb249Mi4wLCovKjt | +| | | | xPTAuMg==>`__\ app | +| | | | lication/UserRoles | +| | | | +json;q=1.0;charse | +| | | | t=utf-8;version=2. | +| | | | 0,application/json | +| | | | ;q=1.0;version=2.0 | +| | | | ,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVzK3htbDtxPTEuM | +| | | | DtjaGFyc2V0PXV0Zi0 | +| | | | 4O3ZlcnNpb249Mi4wL | +| | | | HRleHQveG1sO3E9MS4 | +| | | | wO3ZlcnNpb249Mi4w> | +| | | | `__\ application/U | +| | | | serRoles+xml;q=1.0 | +| | | | ;charset=utf-8;ver | +| | | | sion=2.0,text/xml; | +| | | | q=1.0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/userRoles/u | Get UserRoles by | +| | | ser/:user | User | +| | | | | +| | | | List all UserRoles | +| | | | for :user | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVzK2pzb247cT0xL | +| | | | jA7Y2hhcnNldD11dGY | +| | | | tODt2ZXJzaW9uPTIuM | +| | | | CxhcHBsaWNhdGlvbi9 | +| | | | qc29uO3E9MS4wO3Zlc | +| | | | nNpb249Mi4wLCovKjt | +| | | | xPTAuMg==>`__\ app | +| | | | lication/UserRoles | +| | | | +json;q=1.0;charse | +| | | | t=utf-8;version=2. | +| | | | 0,application/json | +| | | | ;q=1.0;version=2.0 | +| | | | ,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlclJ | +| | | | vbGVzK3htbDtxPTEuM | +| | | | DtjaGFyc2V0PXV0Zi0 | +| | | | 4O3ZlcnNpb249Mi4wL | +| | | | HRleHQveG1sO3E9MS4 | +| | | | wO3ZlcnNpb249Mi4w> | +| | | | `__\ application/U | +| | | | serRoles+xml;q=1.0 | +| | | | ;charset=utf-8;ver | +| | | | sion=2.0,text/xml; | +| | | | q=1.0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| NAMESPACE | POST | /authz/ns | Create a Namespace | +| | | | | +| | | | Namespace consists | +| | | | of: | +| | | | | +| | | | - name - What you | +| | | | want to call | +| | | | this Namespace | +| | | | - responsible(s) | +| | | | - Person(s) who | +| | | | receive | +| | | | Notifications | +| | | | and approves | +| | | | Requests | +| | | | | +| | | | regarding this | +| | | | Namespace. | +| | | | Companies have | +| | | | Policies as to | +| | | | who may take on | +| | | | | +| | | | this | +| | | | Responsibility. | +| | | | Separate | +| | | | multiple | +| | | | identities with | +| | | | commas | +| | | | | +| | | | - admin(s) - | +| | | | Person(s) who | +| | | | are allowed to | +| | | | make changes on | +| | | | the namespace, | +| | | | | +| | | | including | +| | | | creating Roles, | +| | | | Permissions and | +| | | | Credentials. | +| | | | Separate | +| | | | multiple | +| | | | | +| | | | identities with | +| | | | commas | +| | | | | +| | | | Note: Namespaces | +| | | | are dot-delimited | +| | | | (i.e. | +| | | | com.myCompany.myAp | +| | | | p) | +| | | | and must be | +| | | | | +| | | | created with | +| | | | parent credentials | +| | | | (i.e. To create | +| | | | com.myCompany.myAp | +| | | | p, | +| | | | you must | +| | | | | +| | | | be an admin of | +| | | | com.myCompany or | +| | | | com | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNSZXF | +| | | | 1ZXN0K2pzb247cT0xL | +| | | | jA7Y2hhcnNldD11dGY | +| | | | tODt2ZXJzaW9uPTIuM | +| | | | CxhcHBsaWNhdGlvbi9 | +| | | | qc29uO3E9MS4wO3Zlc | +| | | | nNpb249Mi4wLCovKjt | +| | | | xPTEuMA==>`__\ app | +| | | | lication/NsRequest | +| | | | +json;q=1.0;charse | +| | | | t=utf-8;version=2. | +| | | | 0,application/json | +| | | | ;q=1.0;version=2.0 | +| | | | ,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNSZXF | +| | | | 1ZXN0K3htbDtxPTEuM | +| | | | DtjaGFyc2V0PXV0Zi0 | +| | | | 4O3ZlcnNpb249Mi4wL | +| | | | HRleHQveG1sO3E9MS4 | +| | | | wO3ZlcnNpb249Mi4w> | +| | | | `__\ application/N | +| | | | sRequest+xml;q=1.0 | +| | | | ;charset=utf-8;ver | +| | | | sion=2.0,text/xml; | +| | | | q=1.0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/ns | Set a Description | +| | | | for a Namespace | +| | | | | +| | | | Replace the | +| | | | Current | +| | | | Description of a | +| | | | Namespace with a | +| | | | new one | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNSZXF | +| | | | 1ZXN0K2pzb247cT0xL | +| | | | jA7Y2hhcnNldD11dGY | +| | | | tODt2ZXJzaW9uPTIuM | +| | | | CxhcHBsaWNhdGlvbi9 | +| | | | qc29uO3E9MS4wO3Zlc | +| | | | nNpb249Mi4wLCovKjt | +| | | | xPTEuMA==>`__\ app | +| | | | lication/NsRequest | +| | | | +json;q=1.0;charse | +| | | | t=utf-8;version=2. | +| | | | 0,application/json | +| | | | ;q=1.0;version=2.0 | +| | | | ,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNSZXF | +| | | | 1ZXN0K3htbDtxPTEuM | +| | | | DtjaGFyc2V0PXV0Zi0 | +| | | | 4O3ZlcnNpb249Mi4wL | +| | | | HRleHQveG1sO3E9MS4 | +| | | | wO3ZlcnNpb249Mi4w> | +| | | | `__\ application/N | +| | | | sRequest+xml;q=1.0 | +| | | | ;charset=utf-8;ver | +| | | | sion=2.0,text/xml; | +| | | | q=1.0;version=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/ns/:ns | Delete a Namespace | +| | | | | +| | | | Delete the | +| | | | Namespace :ns. | +| | | | Namespaces cannot | +| | | | normally be | +| | | | deleted when there | +| | | | | +| | | | are still | +| | | | credentials | +| | | | associated with | +| | | | them, but they can | +| | | | be deleted by | +| | | | setting | +| | | | | +| | | | the "force" | +| | | | property. To do | +| | | | this: Add | +| | | | 'force=true' as a | +| | | | query parameter | +| | | | | +| | | | WARNING: Using | +| | | | force will delete | +| | | | all credentials | +| | | | attached to this | +| | | | namespace. Use | +| | | | with care. | +| | | | | +| | | | if the "force" | +| | | | property is set to | +| | | | 'force=move', then | +| | | | Permissions and | +| | | | Roles are not | +| | | | deleted,but are | +| | | | retained, and | +| | | | assigned to the | +| | | | Parent Namespace. | +| | | | 'force=move' is | +| | | | not permitted at | +| | | | or below | +| | | | Application Scope | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 424 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/ns/:ns/admi | Add an Admin to a | +| | | n/:id | Namespace | +| | | | | +| | | | Add an Identity | +| | | | :id to the list of | +| | | | Admins for the | +| | | | Namespace :ns | +| | | | | +| | | | Note: :id must be | +| | | | fully qualified | +| | | | | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/ns/:ns/admi | Remove an Admin | +| | | n/:id | from a Namespace | +| | | | | +| | | | Remove an Identity | +| | | | :id from the list | +| | | | of Admins for the | +| | | | Namespace :ns | +| | | | | +| | | | Note: :id must be | +| | | | fully qualified | +| | | | | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/ns/:ns/attr | delete an | +| | | ib/:key | Attribute from a | +| | | | Namespace | +| | | | | +| | | | Delete an | +| | | | attribute in the | +| | | | Namespace | +| | | | | +| | | | You must be given | +| | | | direct permission | +| | | | for key by AAF | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | key : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/ns/:ns/attr | Add an Attribute | +| | | ib/:key/:value | from a Namespace | +| | | | | +| | | | Create an | +| | | | attribute in the | +| | | | Namespace | +| | | | | +| | | | You must be given | +| | | | direct permission | +| | | | for key by AAF | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | key : string | +| | | | (Required) | +| | | | | +| | | | value : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | PUT | /authz/ns/:ns/attr | update an | +| | | ib/:key/:value | Attribute from a | +| | | | Namespace | +| | | | | +| | | | Update Value on an | +| | | | existing attribute | +| | | | in the Namespace | +| | | | | +| | | | You must be given | +| | | | direct permission | +| | | | for key by AAF | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | key : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authz/ns/:ns/resp | Add a Responsible | +| | | onsible/:id | Identity to a | +| | | | Namespace | +| | | | | +| | | | Add an Identity | +| | | | :id to the list of | +| | | | Responsibles for | +| | | | the Namespace :ns | +| | | | | +| | | | Note: :id must be | +| | | | fully qualified | +| | | | | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 201 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406, 409 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | DELETE | /authz/ns/:ns/resp | Remove a | +| | | onsible/:id | Responsible | +| | | | Identity from | +| | | | Namespace | +| | | | | +| | | | Remove an Identity | +| | | | :id to the list of | +| | | | Responsibles for | +| | | | the Namespace :ns | +| | | | | +| | | | Note: :id must be | +| | | | fully qualified | +| | | | | +| | | | | +| | | | Note: A namespace | +| | | | must have at least | +| | | | 1 responsible | +| | | | party | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | ns : string | +| | | | (Required) | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Void+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVm9pZCt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Void+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/ns/attrib/: | get Ns Key List | +| | | key | From Attribute | +| | | | | +| | | | Read Attributes | +| | | | for Namespace | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | key : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vS2V5cyt | +| | | | qc29uO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsYXBwb | +| | | | GljYXRpb24vanNvbjt | +| | | | xPTEuMDt2ZXJzaW9uP | +| | | | TIuMCwqLyo7cT0xLjA | +| | | | =>`__\ application | +| | | | /Keys+json;q=1.0;c | +| | | | harset=utf-8;versi | +| | | | on=2.0,application | +| | | | /json;q=1.0;versio | +| | | | n=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vS2V5cyt | +| | | | 4bWw7cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCx0ZXh0L | +| | | | 3htbDtxPTEuMDt2ZXJ | +| | | | zaW9uPTIuMA==>`__\ | +| | | | application/Keys+ | +| | | | xml;q=1.0;charset= | +| | | | utf-8;version=2.0, | +| | | | text/xml;q=1.0;ver | +| | | | sion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/nss/:id | Return Information | +| | | | about Namespaces | +| | | | | +| | | | Lists the | +| | | | Admin(s), | +| | | | Responsible | +| | | | Party(s), Role(s), | +| | | | Permission(s) | +| | | | | +| | | | Credential(s) and | +| | | | Expiration of | +| | | | Credential(s) in | +| | | | Namespace :id | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK2p | +| | | | zb247cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCxhcHBsa | +| | | | WNhdGlvbi9qc29uO3E | +| | | | 9MS4wO3ZlcnNpb249M | +| | | | i4wLCovKjtxPTEuMA= | +| | | | =>`__\ application | +| | | | /Nss+json;q=1.0;ch | +| | | | arset=utf-8;versio | +| | | | n=2.0,application/ | +| | | | json;q=1.0;version | +| | | | =2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK3h | +| | | | tbDtxPTEuMDtjaGFyc | +| | | | 2V0PXV0Zi04O3ZlcnN | +| | | | pb249Mi4wLHRleHQve | +| | | | G1sO3E9MS4wO3ZlcnN | +| | | | pb249Mi4w>`__\ app | +| | | | lication/Nss+xml;q | +| | | | =1.0;charset=utf-8 | +| | | | ;version=2.0,text/ | +| | | | xml;q=1.0;version= | +| | | | 2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/nss/admin/: | Return Namespaces | +| | | user | where User is an | +| | | | Admin | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK2p | +| | | | zb247cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCxhcHBsa | +| | | | WNhdGlvbi9qc29uO3E | +| | | | 9MS4wO3ZlcnNpb249M | +| | | | i4wLCovKjtxPTEuMA= | +| | | | =>`__\ application | +| | | | /Nss+json;q=1.0;ch | +| | | | arset=utf-8;versio | +| | | | n=2.0,application/ | +| | | | json;q=1.0;version | +| | | | =2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK3h | +| | | | tbDtxPTEuMDtjaGFyc | +| | | | 2V0PXV0Zi04O3ZlcnN | +| | | | pb249Mi4wLHRleHQve | +| | | | G1sO3E9MS4wO3ZlcnN | +| | | | pb249Mi4w>`__\ app | +| | | | lication/Nss+xml;q | +| | | | =1.0;charset=utf-8 | +| | | | ;version=2.0,text/ | +| | | | xml;q=1.0;version= | +| | | | 2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/nss/childre | Return Child | +| | | n/:id | Namespaces | +| | | | | +| | | | Lists all Child | +| | | | Namespaces of | +| | | | Namespace :id | +| | | | | +| | | | Note: This is not | +| | | | a cached read | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | id : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK2p | +| | | | zb247cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCxhcHBsa | +| | | | WNhdGlvbi9qc29uO3E | +| | | | 9MS4wO3ZlcnNpb249M | +| | | | i4wLCovKjtxPTEuMA= | +| | | | =>`__\ application | +| | | | /Nss+json;q=1.0;ch | +| | | | arset=utf-8;versio | +| | | | n=2.0,application/ | +| | | | json;q=1.0;version | +| | | | =2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK3h | +| | | | tbDtxPTEuMDtjaGFyc | +| | | | 2V0PXV0Zi04O3ZlcnN | +| | | | pb249Mi4wLHRleHQve | +| | | | G1sO3E9MS4wO3ZlcnN | +| | | | pb249Mi4w>`__\ app | +| | | | lication/Nss+xml;q | +| | | | =1.0;charset=utf-8 | +| | | | ;version=2.0,text/ | +| | | | xml;q=1.0;version= | +| | | | 2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/nss/either/ | Return Namespaces | +| | | :user | where User Admin | +| | | | or Owner | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK2p | +| | | | zb247cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCxhcHBsa | +| | | | WNhdGlvbi9qc29uO3E | +| | | | 9MS4wO3ZlcnNpb249M | +| | | | i4wLCovKjtxPTAuOA= | +| | | | =>`__\ application | +| | | | /Nss+json;q=1.0;ch | +| | | | arset=utf-8;versio | +| | | | n=2.0,application/ | +| | | | json;q=1.0;version | +| | | | =2.0,\*/\*;q=0.8 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK3h | +| | | | tbDtxPTEuMDtjaGFyc | +| | | | 2V0PXV0Zi04O3ZlcnN | +| | | | pb249Mi4wLHRleHQve | +| | | | G1sO3E9MS4wO3ZlcnN | +| | | | pb249Mi4w>`__\ app | +| | | | lication/Nss+xml;q | +| | | | =1.0;charset=utf-8 | +| | | | ;version=2.0,text/ | +| | | | xml;q=1.0;version= | +| | | | 2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/nss/respons | Return Namespaces | +| | | ible/:user | where User is | +| | | | Responsible | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK2p | +| | | | zb247cT0xLjA7Y2hhc | +| | | | nNldD11dGYtODt2ZXJ | +| | | | zaW9uPTIuMCxhcHBsa | +| | | | WNhdGlvbi9qc29uO3E | +| | | | 9MS4wO3ZlcnNpb249M | +| | | | i4wLCovKjtxPTEuMA= | +| | | | =>`__\ application | +| | | | /Nss+json;q=1.0;ch | +| | | | arset=utf-8;versio | +| | | | n=2.0,application/ | +| | | | json;q=1.0;version | +| | | | =2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vTnNzK3h | +| | | | tbDtxPTEuMDtjaGFyc | +| | | | 2V0PXV0Zi04O3ZlcnN | +| | | | pb249Mi4wLHRleHQve | +| | | | G1sO3E9MS4wO3ZlcnN | +| | | | pb249Mi4w>`__\ app | +| | | | lication/Nss+xml;q | +| | | | =1.0;charset=utf-8 | +| | | | ;version=2.0,text/ | +| | | | xml;q=1.0;version= | +| | | | 2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| USER | GET | /authn/basicAuth | Is given BasicAuth | +| | | | valid? | +| | | | | +| | | | !!!! DEPRECATED | +| | | | without X509 | +| | | | Authentication | +| | | | STOP USING THIS | +| | | | API BY DECEMBER | +| | | | 2017, or use | +| | | | Certificates !!!! | +| | | | Use | +| | | | /authn/validate | +| | | | instead Note: | +| | | | Validate a | +| | | | Password using | +| | | | BasicAuth Base64 | +| | | | encoded Header. | +| | | | This HTTP/S call | +| | | | is intended as a | +| | | | fast User/Password | +| | | | lookup for | +| | | | Security | +| | | | Frameworks, and | +| | | | responds 200 if it | +| | | | passes BasicAuth | +| | | | security, and 403 | +| | | | if it does not. | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403 | +| | | | | +| | | | Accept: | +| | | | | +| | | | text/plain | ++--------------------+--------------------+--------------------+--------------------+ +| | POST | /authn/validate | Is given | +| | | | Credential valid? | +| | | | | +| | | | Validate a | +| | | | Credential given a | +| | | | Credential | +| | | | Structure. This is | +| | | | a more | +| | | | comprehensive | +| | | | validation, can do | +| | | | more than | +| | | | BasicAuth as | +| | | | Credential types | +| | | | exp | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403 | +| | | | | +| | | | ContentType: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vQ3JlZFJ | +| | | | lcXVlc3QranNvbjtxP | +| | | | TEuMDtjaGFyc2V0PXV | +| | | | 0Zi04O3ZlcnNpb249M | +| | | | i4wLGFwcGxpY2F0aW9 | +| | | | uL2pzb247cT0xLjA7d | +| | | | mVyc2lvbj0yLjAsKi8 | +| | | | qO3E9MS4w>`__\ app | +| | | | lication/CredReque | +| | | | st+json;q=1.0;char | +| | | | set=utf-8;version= | +| | | | 2.0,application/js | +| | | | on;q=1.0;version=2 | +| | | | .0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vQ3JlZFJ | +| | | | lcXVlc3QreG1sO3E9M | +| | | | S4wO2NoYXJzZXQ9dXR | +| | | | mLTg7dmVyc2lvbj0yL | +| | | | jAsdGV4dC94bWw7cT0 | +| | | | xLjA7dmVyc2lvbj0yL | +| | | | jA=>`__\ applicati | +| | | | on/CredRequest+xml | +| | | | ;q=1.0;charset=utf | +| | | | -8;version=2.0,tex | +| | | | t/xml;q=1.0;versio | +| | | | n=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/users/:user | Get if User is In | +| | | /:role | Role | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Users+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Users | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/users/perm/ | Get Users By | +| | | :type/:instance/:a | Permission | +| | | ction | | +| | | | List all Users | +| | | | that have | +| | | | Permission | +| | | | specified by :type | +| | | | :instance :action | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | type : string | +| | | | (Required) | +| | | | | +| | | | instance : string | +| | | | (Required) | +| | | | | +| | | | action : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MS4 | +| | | | w>`__\ application | +| | | | /Users+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=1.0 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Users | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ +| | GET | /authz/users/role/ | Get Users By Role | +| | | :role | | +| | | | Returns the User | +| | | | (with Expiration | +| | | | date from listed | +| | | | User/Role) if it | +| | | | exists | +| | | | | +| | | | -------------- | +| | | | | +| | | | Parameters | +| | | | | +| | | | user : string | +| | | | (Required) | +| | | | | +| | | | role : string | +| | | | (Required) | +| | | | | +| | | | Expected HTTP Code | +| | | | | +| | | | 200 | +| | | | | +| | | | Explicit HTTP | +| | | | Error Codes | +| | | | | +| | | | 403, 404, 406 | +| | | | | +| | | | Accept: | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | ranNvbjtxPTEuMDtja | +| | | | GFyc2V0PXV0Zi04O3Z | +| | | | lcnNpb249Mi4wLGFwc | +| | | | GxpY2F0aW9uL2pzb24 | +| | | | 7cT0xLjA7dmVyc2lvb | +| | | | j0yLjAsKi8qO3E9MC4 | +| | | | y>`__\ application | +| | | | /Users+json;q=1.0; | +| | | | charset=utf-8;vers | +| | | | ion=2.0,applicatio | +| | | | n/json;q=1.0;versi | +| | | | on=2.0,\*/\*;q=0.2 | +| | | | | +| | | | ` <./example/YXBwb | +| | | | GljYXRpb24vVXNlcnM | +| | | | reG1sO3E9MS4wO2NoY | +| | | | XJzZXQ9dXRmLTg7dmV | +| | | | yc2lvbj0yLjAsdGV4d | +| | | | C94bWw7cT0xLjA7dmV | +| | | | yc2lvbj0yLjA=>`__\ | +| | | | application/Users | +| | | | +xml;q=1.0;charset | +| | | | =utf-8;version=2.0 | +| | | | ,text/xml;q=1.0;ve | +| | | | rsion=2.0 | ++--------------------+--------------------+--------------------+--------------------+ + diff --git a/docs/index.rst b/docs/index.rst index 6f90b146..03195bd6 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -2,7 +2,7 @@ .. http://creativecommons.org/licenses/by/4.0 .. Copyright © 2017 AT&T Intellectual Property. All rights reserved. -AAF - Application Authorization FrameworK +AAF - Application Authorization Framework ================================================== .. The purpose of AAF (Application Authorization Framework) is to organize software authorizations so that applications, tools and services can match the access needed to perform job functions. @@ -15,14 +15,16 @@ To be effective during a computer transaction, Security must not only be secure, .. toctree:: - :maxdepth: 1 + :maxdepth: 2 + + AAF-API-Documentation/AAF-API-Documentation Introduction ------------ AAF contains some elements of Role Based Authorization, but includes Attribute Based Authorization elements as well. -.. image:: aaf-om.jpeg +.. image:: aaf-object-model.jpeg :height: 600 px :width: 800 px :scale: 100 % diff --git a/pom.xml b/pom.xml index 6089e173..33d432e7 100644 --- a/pom.xml +++ b/pom.xml @@ -31,11 +31,11 @@ pom https://github.com/att/AAF - - org.onap.oparent - oparent - 1.0.0-SNAPSHOT - + + org.onap.oparent + oparent + 0.1.1 + @@ -121,6 +121,11 @@ **/JU_CachingFileAccess.java **/JU_DefaultOrg.java + **/JU_FileServer.java + **/JU_DirectAAFLur.java + **/JU_AuthAPI.java + **/JU_GwAPI.java + @@ -198,9 +203,10 @@ - + org.apache.maven.plugins maven-javadoc-plugin + 2.10.4 false @@ -213,7 +219,8 @@ - + + org.apache.maven.plugins @@ -528,32 +535,5 @@ dav:${nexusproxy}${sitePath} - - - onap-plugin-snapshots - https://nexus.onap.org/content/repositories/snapshots/ - - - - - - central - Maven 2 repository 2 - http://repo2.maven.org/maven2/ - - - onap-jar-snapshots - https://nexus.onap.org/content/repositories/snapshots - - - spring-repo - Spring repo - https://artifacts.alfresco.com/nexus/content/repositories/public/ - - - repository.jboss.org-public - JBoss.org Maven repository - https://repository.jboss.org/nexus/content/groups/public - - + -- cgit 1.2.3-korg