Versions Compared

Old Version 79

changes.mady.by.user Bruce Hoff

Saved on

compared with

New Version 80

changes.mady.by.user Mike Kellen (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Create User

Code Block
POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/user
{"email":"demouser@sagebase.org", "firstName":"demo", "lastName":"user", "displayName":"Demo User"}

...

Retrieves the user based on the session token header, which is required.  Note:  the "password" field will be null, since retrieving a user's password is not permitted.

Code Block
GET https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/user
Code Block
HTTP/1.1 200 OK
Content-Type: application/json
{
  "displayName": "Demo User",
  "email": "demouser@sagebase.org",
  "firstName": "demo",
  "lastName": "user",
  "password": null
}

Update User

Code Block
PUT https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/user
sessionToken:<sessionToken>
{"email":"demouser@sagebase.org", "firstName":"demo", "lastName":"user", "displayName":"Demo User"}

...

Send Change-Password Email

Code Block
POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/userPasswordEmail
{"email":"demouser@sagebase.org"}

...

Send Set-API-Password Email

Code Block
POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/apiPasswordEmail
{"email":"demouser@sagebase.org"}

...

Set Password

Code Block
POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/userPassword
{"email":"demouser@sagebase.org", "password":"foobar"}

...

Request:

Code Block
POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session
{"email":"demouser@sagebase.org", "password":"demouser-pw"}

...

Code Block
HTTP/1.1 400 Bad Request
AuthenticationURL: https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session
Content-Type: application/json
{"reason":"Unable to authenticate."}

...

Request:

Code Block
PUT https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session
{"sessionToken":"AYcOhWIm9NdOC6BdzzzisQ00"}

...

Code Block
DELETE https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session
{"sessionToken":"AYcOhWIm9NdOC6BdzzzisQ00"}

...

Create User:
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"email\":\"demouser@sagebase.org\", \"firstName\":\"demo\", \"lastName\":\"user\", \"displayName\":\"Demo User\"}" -X POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/user

Update User:
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"email\":\"demouser@sagebase.org\", \"firstName\":\"NEWdemo\", \"lastName\":\"NEWuser\", \"displayName\":\"NEWDemo User\"}" -X PUT https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/user

Send Change Password Email:
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"email\":\"demouser@sagebase.org\"}" -X POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/userPasswordEmail

Login:
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"email\":\"demouser@sagebase.org\", \"password\":\"demouser-pw\"}" -X POST https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session

Refresh session token:

curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"sessionToken\":\"QYNoamrOKK0dBhjZOFfbAg00\"}" -X PUT https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session

Logout:
curl -k -H "Content-Type:application/json" -H "Accept:application/json" -d "{\"sessionToken\":\"QYNoamrOKK0dBhjZOFfbAg00\"}" -X DELETE https://auth-staging-auth.elasticbeanstalksagebase.comorg/auth/v1/session

Access repository services anonymously:
curl -H Accept:application/json https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/dataset/test

Access repository services with session token (obtained by logging in):
curl -H Accept:application/json -H sessionToken:AprxPRzpmaPm7FXzV1ik0w00 https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/dataset/test

Authentication of Requests to Platform

...

Get the users who can be added to a resource's ACL

Code Block
GET https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/user
Code Block
[
  {"name":"anonymous","id":"3","creationDate":1307402971000,"uri":null,"etag":null,"individual":true},
  {"name":"foo@sagebase.org","id":"4","creationDate":1307403226000,"uri":null,"etag":null,"individual":true}
]

Get the groups who can be added to a resource's ACL

Code Block
GET https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/userGroup
Code Block
[
  {"name":"Identified Users","id":"1","creationDate":1307141423000,"uri":null,"etag":null,"individual":false},
  {"name":"Federation Group","id":"2","creationDate":1307141423000,"uri":null,"etag":null,"individual":false}
]

...

Returns the ACL for the node responsible for the given node's permissions. Note: In the following example, 'resourceId' is the id of the node to which permissions are attached, either rid or one of rid's ancestors; 'resource_type' is the type of rid (project, dataset, layer, etc.); there is one 'resourceAccess' entry per UserGroup (aka 'principal') having access to the resource; 'userGroupId' is the id of the UserGroup object; 'accessType' is the list of types of access the given UserGroup has to the given resource.

Code Block
GET https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/{resource_type}/{rid}/acl

...

Note: This is only used when the resource 'rid' currently inherits its access control list from an ancestor. This request causes 'rid' to cease ACL inheritance and instead use the ACL passed in with the request.

Code Block
POST https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/{resource_type}/{rid}/acl
{
 "resourceId":{rid},
 "resourceAccess":[
	{"userGroupId":"4",
	 "accessType":["READ","CHANGE_PERMISSIONS","DELETE","UPDATE","CREATE"]
	}
 ]
}

...

Note: This is only used when a "resourceId" already specifies its access control list (does not inherit from an ancestor).

Code Block
PUT https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/{resource_type}/{rid}/acl
{"id":"1",
 "etag":"0",
 "resourceId":{rid},
 "resourceAccess":[
	{"id":"1",
	 "userGroupId":"4",
	 "accessType":["READ","CHANGE_PERMISSIONS","DELETE","UPDATE","CREATE"]
	}
 ],
}

...

Code Block
DELETE https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/{resource_type}/{rid}/acl

...

Note: The query is asked for the user who is implied by the session token, or 'anonymous' if there is no token.

Code Block
GET https://repo-staging-reposervice.elasticbeanstalksagebase.comorg/repo/v1/{resource_type}/{rid}/access?accessType={accessType}

...

Code Block
curl -H sessionToken:XXXXXXXXXXXXXXXXXX -H Content-Type:application/json -k  https://reposvcrepo-alphastaging.sagebase.org/repo/v1/project/498/acl

...

Code Block
curl -H sessionToken:XXXXXXXXX -H Content-Type:application/json -X PUT -d '{
   "id":"3",
   "creationDate":1308274656084,
   "etag":"0",
   "createdBy":"nicole.deflaux@sagebase.org",
   "resourceId":"498",
   "resourceAccess":[
      {
         "userGroupId":"1",
         "accessType":[
            "READ"
         ]
      },
      {
         "userGroupId":"7",
         "accessType":[
            "DELETE",
            "CHANGE_PERMISSIONS",
            "UPDATE",
            "READ",
            "CREATE"
         ]
      },
      {
         "userGroupId":"18",
         "accessType":[
            "DELETE",
            "CHANGE_PERMISSIONS",
            "UPDATE",
            "READ",
            "CREATE"
         ]
      }
   ],
   "modifiedBy":"nicole.deflaux@sagebase.org",
   "modifiedOn":1308274656084,
   "uri":"/repo/v1/project/498/acl"
}' https://reposvcrepo-alphastaging.sagebase.org/repo/v1/project/498/acl

...