Versions Compared

Old Version 81

changes.mady.by.user Bruce Hoff

Saved on

compared with

New Version 82

changes.mady.by.user John Hill

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

and a plain text body:  "The token provided was invalid or expired."

API for Authorization

Default groups

Currently, there are two default groups that can be used to set permissions:

Group Name

Description

PUBLIC

All users belong to this group. This is the only group that the anonymous@sagebase.org user belongs to. The anonymous user is used for anyone that has not logged in to Synapse. Therefore, granting permission to PUBLIC will grant that permission to everyone including users that have not logged in.

AUTHENTICATED_USERS

All users that have logged in will automatically belong to this group. Therefore, granting permissions to AUTHENTICATED_USERS will grant that permission to any user that has logged in to Synapse.

Get the users who can be added to a resource's ACL

Code Block
GET https://repo-staging.sagebase.org/repo/v1/user
Code Block
[
  {"name":"anonymousanonymous@sagebase.org","id":"3","creationDate":1307402971000,"uri":null,"etag":null,"individual":true},
  {"name":"foo@sagebase.org","id":"4","creationDate":1307403226000,"uri":null,"etag":null,"individual":true}
]

...

Code Block
GET https://repo-staging.sagebase.org/repo/v1/userGroup
Code Block

[
  repo/v1/userGroup
Code Block

[
  {"name":"AUTHENTICATED_USERS","id":"1","creationDate":1307141423000,"uri":null,"etag":null,"individual":false},
  {"name":"Identified UsersPUBLIC","id":"12","creationDate":1307141423000,"uri":null,"etag":null,"individual":false},
  {"name":"Federation Group","id":"23","creationDate":1307141423000,"uri":null,"etag":null,"individual":false}
]

Note: The "idname" fields returned from /user and /userGroup are used in the "userGroupIdgroupName" fields in the ACLs shown below.

...

Returns the ACL for the node responsible for the given node's permissions. Note: In the following example, 'resourceIdid' is the id of the node to which permissions are attached, either rid or one of rid's ancestors; 'resource_type' is the type of rid (project, dataset, layer, etc.)are attached; there is one 'resourceAccess' entry per UserGroup (aka 'principal') having access to the resource; 'userGroupIdgroupName' is the id name of the UserGroup object; 'accessType' is the list of types of access the given UserGroup has to the given resource.

...

Code Block
{"id":"1",
 "creationDate":1307141851484,
 "uri":null,
 "etag":"0",
 "createdBy":"admin",
 "resourceId":"1",
 "resourceAccess":[
	{"id":"1",
	 "userGroupIdgroupName":"4PUBLIC",
	 "accessType":["READ","CHANGE_PERMISSIONS","DELETE","UPDATE","CREATE"]
	}
 ],
 "modifiedBy":"admin",
 "modifiedOn":1307141851483
}

...

Code Block
POST https://repo-staging.sagebase.org/repo/v1/{resource_type}/{rid}/acl
{
 "resourceId":{rid},
 "resourceAccess":[
	{"userGroupIdgroupName":"4PUBLIC",
	 "accessType":["READ","CHANGE_PERMISSIONS","DELETE","UPDATE","CREATE"]
	}
 ]
}

...

Code Block
PUT https://repo-staging.sagebase.org/repo/v1/{resource_type}/{rid}/acl
{"id":"1",
 "etag":"0",
 "resourceId":{rid},
 "resourceAccess":[
	{"id":"1",
	 "userGroupIdgroupName":"4PUBLIC",
	 "accessType":["READ","CHANGE_PERMISSIONS","DELETE","UPDATE","CREATE"]
	}
 ],
}

...

Code Block
{
   "id":"3",
   "creationDate":1308274656084,
   "etag":"0",
   "createdBy":"nicole.deflaux@sagebase.org",
   "resourceId":"498",
   "resourceAccess":[
      {
         "id":"4",
         "userGroupIdgroupName":"AUTHENTICATED_USERS"7",
         "accessType":[
            "DELETE",
            "CHANGE_PERMISSIONS",
            "UPDATE",
            "READ",
            "CREATE"
         ]
      }
   ],
   "modifiedBy":"nicole.deflaux@sagebase.org",
   "modifiedOn":1308274656084,
   "uri":"/repo/v1/project/498/acl"
}

...

Code Block
curl -H sessionToken:XXXXXXXXX -H Content-Type:application/json -X PUT -d '{
   "id":"3",
   "creationDate":1308274656084,
   "etag":"0",
   "createdBy":"nicole.deflaux@sagebase.org",
   "resourceId":"498",
   "resourceAccess":[
      {
         "userGroupIdgroupName":"1AUTHENTICATED_USERS",
         "accessType":[
            "READ"
         ]
      },
      {
         "userGroupIdgroupName":"7nicole.deflaux@sagebase.org",
         "accessType":[
            "DELETE",
            "CHANGE_PERMISSIONS",
            "UPDATE",
            "READ",
            "CREATE"
         ]
      },
      {
         "userGroupIdgroupName":"18someuser@sagebase.org",
         "accessType":[
            "DELETE",
            "CHANGE_PERMISSIONS",
            "UPDATE",
            "READ",
            "CREATE"
         ]
      }
   ],
   "modifiedBy":"nicole.deflaux@sagebase.org",
   "modifiedOn":1308274656084,
   "uri":"/repo/v1/project/498/acl"
}' https://repo-staging.sagebase.org/repo/v1/project/498/acl

...

Code Block
{
   "id":"3",
   "creationDate":1308274656084,
   "etag":"0",
   "createdBy":"nicole.deflaux@sagebase.org",
   "resourceId":"498",
   "resourceAccess":[
      {
         "id":null,
         "userGroupIdgroupName":"7someuser@sagebase.org",
         "accessType":[
            "DELETE",
            "UPDATE",
            "CHANGE_PERMISSIONS",
            "READ",
            "CREATE"
         ]
      },
      {
         "id":null,
         "userGroupIdgroupName":"18nicole.deflaux@sagebase.org",
         "accessType":[
            "DELETE",
            "UPDATE",
            "CHANGE_PERMISSIONS",
            "READ",
            "CREATE"
         ]
      },
      {
         "id":null,
         "userGroupIdgroupName":"1AUTHENTICATED_USERS",
         "accessType":[
            "READ"
         ]
      }
   ],
   "modifiedBy":"nicole.deflaux@sagebase.org",
   "modifiedOn":1308274656084,
   "uri":"/repo/v1/project/498/acl"
}