Rule Based Access Control

Summary

Rule based access control

Description

A service to query the roles and access controls available to users on the system.

Resources

Resource	Since Version	Description
GET /rbac/rbac/currentuser		Returns the name of the current user
POST /rbac/rbac/login		Login
GET /rbac/rbac/logout		Logs out a user by returning a redirect with URL containing invalid credentials
GET /rbac/rbac/permissions		Deprecated.
GET /rbac/rbac/permissions/currentuser		Returns the user permissions of the current user
GET /rbac/rbac/permissions/roles		Returns a list of roles and permissions ACL available per role.

GET /rbac/rbac/currentuser

Summary

Returns the name of the current user

Description

none

Parameters

none

Status Codes

HTTP Status Code	Reason
200	OK
500	Internal Server Error

Return Value

String

Example

GET https://localhost:8075/rbac/rbac/currentuser

Response
HTTP 1.1 200 OK

{
  "result" : "admin"
}

POST /rbac/rbac/login

Summary

Description

none

Parameters

Parameter	Description	Data Type	Location	Required	Multiple
`username`		String	form
`password`		String	form

Status Codes

HTTP Status Code	Reason
200	OK

GET /rbac/rbac/logout

Summary

Logs out a user by returning a redirect with URL containing invalid credentials

Description

none

Parameters

Parameter	Description	Data Type	Location	Required	Multiple
`request.preventCache`		String	query

Status Codes

HTTP Status Code	Reason
301	Moved Permanently

GET /rbac/rbac/permissions

Summary

Deprecated.

Description

Deprecated - use /permissions/roles instead

Parameters

Parameter	Description	Data Type	Location	Required	Multiple
`role`		String	query

Status Codes

HTTP Status Code	Reason
200	OK
500	Internal Server Error

GET /rbac/rbac/permissions/currentuser

Summary

Returns the user permissions of the current user

Description

Returns the user permissions of the current user

Parameters

none

Status Codes

HTTP Status Code	Reason
200	OK
500	Internal Server Error

Returns Class

UserPermissions

Example

GET https://localhost:8075/rbac/rbac/permissions/currentuser

Response
HTTP 1.1 200 OK

{
  "result" : {
    "user" : "admin",
    "permissions" : [ "monitoring", "traffic_monitor", "adminusers_reset", "logs", "dashboard_modify", "events", "settings", "deploy", "ama", "kps", "mgmt", "adminusers", "emc", "mgmt_modify", "domain_audit", "config", "settings_modify", "dashboard", "adminusers_modify", "ama_modify" ]
  }
}

GET /rbac/rbac/permissions/roles

Summary

Returns a list of roles and permissions ACL available per role.

Description

If role name are not supplied, all roles are returned. If role name are supplied, ACL permissions are returned per requested role(s).

Parameters

Parameter	Description	Data Type	Location	Required	Multiple
`name`	The role names to get	String	query	Required	Multiple

Status Codes

HTTP Status Code	Reason
200	OK
500	Internal Server Error

Returns Class

ACLPermissions

Example

GET https://localhost:8075/rbac/rbac/permissions/roles?name=Policy%20Developer

Response
HTTP 1.1 200 OK

{
  "result" : {
    "roles" : {
      "Policy Developer" : [ "mgmt", "adminusers_reset", "config", "deploy" ]
    }
  }
}