Custom Sources Document Permissions API Reference

edit

Custom Sources Document Permissions API Reference

edit

This is a technical API reference. Refer to the Document permissions for Custom Sources guide for a conceptual walkthrough.

POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions

key

required

Unique key for a Custom API source, provided upon creation of a Custom API Source.

auth_token

required

Must be included in HTTP authorization headers.

user

required

The [USER_NAME] can be placed into the request URL or in the request user field in the request body. You need to include a username, but where you put it is up to you. Username might reflect an Elasticsearch user: example.mcname, or whatever convention you’ve chosen to use.

permissions

required

The permissions array can accept any grouping of string values. The values must match those in the _allow_permissions and/or _deny_permissions field of a document. For example, if permission1 is given to _deny_permissions, then any user with permission1 assigned will be unable to access the document. Read the Document permissions for Custom Sources to learn more.

Adding Permissions

edit

Add new permissions to a user.

There are two options:

  1. Add Permissions in Bulk: Create a new set of permissions or over-write all existing permissions.
  2. Add a Single Permission: Add one or more new permissions atop existing permissions.

Adding Permissions in Bulk

edit

POST /api/ws/v1/sources/[KEY]/permissions

Create a set of permissions or overwrite existing permissions.

 ----
 curl -X POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions \
 -H "Authorization: Bearer [AUTH_TOKEN]" \
 -H "Content-Type: application/json" \
 -d '{
   "user": "[USER_NAME]"
   "permissions": ["permission1", "permission2", "permission3"]
 }'
----
 ----
 {
   "user": "[USER_NAME]",
   "permissions": [
     "permission1",
     "permission2",
     "permission3"
   ]
 }
----

Adding a Single Permission

edit

POST /api/ws/v1/sources/[KEY]/permissions/[USER_NAME]

Add one or more permission for a given user. Permissions are added atop the existing.

curl -X POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions/[USER_NAME]/add \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
  "permissions": ["permission4"]
}'
{
  "user": "[USER_NAME]",
  "permissions": [
    "permission1",
    "permission2",
    "permission3",
    "permission4"
  ]
}

Removing Permissions

edit

Remove permissions from a user.

There are two options:

  1. Remove All Permissions: Clear all permissions for a given user. Restores an empty array.
  2. Remove a Single Permission: Remove one or more permission from an existing set of permissions.

Removing All Permissions

edit

POST /api/ws/v1/sources/[KEY]/permissions

Batch remove all permissions from a user. Provide an empty array to permissions to clear all values.

curl -X POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
  "user": [USER_NAME],
  "permissions": []
}'
{
  "user": "[USER_NAME]",
  "permissions": []
}

Removing a Single Permission

edit

POST /api/ws/v1/sources/[KEY]/permissions/[USER_NAME]/remove

Remove one or more permission for a given user.

curl -X POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions/[USER_NAME]/remove \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
  "permissions": ["permission1"]
}'
{
  "user": "[USER_NAME]",
  "permissions": [
    "permission2",
    "permission3",
    "permission4"
  ]
}

Listing Permissions

edit

List permissions for one or all users, paginated.

Listing All Permissions

edit

GET /api/ws/v1/sources/[KEY]/permissions

List all permissions for all users.

curl -X Get http://localhost:3002/api/ws/v1/sources/[KEY]/permissions \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
  "page": {
    "current":1,
    "size":25
  }
}'
{
  "user": "user1",
  "permissions": [
    "permission2",
    "permission3",
    "permission4"
  ],
  "user": "user2",
  "permissions": [
    "permission2",
    "permission4"
  ]
}

Pagination can be provided:

curl -X POST http://localhost:3002/api/ws/v1/sources/[KEY]/permissions/[USER_NAME]/remove \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json" \
-d '{
  "permissions": ["permission1"]
}'
{
  "user": "[USER_NAME]",
  "permissions": [
    "permission2",
    "permission3",
    "permission4"
  ]
}

Listing Permissions for a User

edit

GET /api/ws/v1/sources/[KEY]/permissions/[USER_NAME]

List permissions for a user.

curl -X Get http://localhost:3002/api/ws/v1/sources/[KEY]/permissions/[USER_NAME] \
-H "Authorization: Bearer [AUTH_TOKEN]" \
-H "Content-Type: application/json"
{
  "user": "[USER_NAME]",
  "permissions": [
    "permission2",
    "permission3",
    "permission4"
  ]
}