Authorization Service - Permission RESTful APIs - Release v0.7 Alpha
REST-based API for Permission
The Authorization Service offers a REST-based Application Programming Interface (API) to CRUD (create, read, update, and delete) operations on individual permission instances, and on the associated permission and account instances. These follow the Common model for CollectionSpace REST services.
- Authorization Service - Permission RESTful APIs - Release v0.7 Alpha#Permission CRUD+L services
- Authorization Service - Permission RESTful APIs - Release v0.7 Alpha#Permission REST payload schemas
Note that the authorization service does not support extensible schema. That means, the request or response contains the payload only from a single schema, the Content-type header of application/xml is used.
Permission CRUD+L services
Create a Permission
Creates a new Permission record. Assigns a unique, service-specified CollectionSpace ID (CSID) to that Permission record. Follows standard Create model. See the documentation of the Permission schema, below. Example:
POST /cspace-services/authorization/permissions HTTP/1.1
Read a Permission
Reads an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Read model. See the documentation of the Permission schema, below. Example:
GET /cspace-services/authorization/permissions/{id} HTTP/1.1
Update a Permission
Updates an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Update model. See the documentation of the Permission schema, below. Example:
PUT /cspace-services/authorization/permissions/{id} HTTP/1.1
Delete a Permission
Deletes an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Delete model. Example:
DELETE /cspace-services/authorization/permissions/{id} HTTP/1.1
List Permission instances
Lists existing Permission records, with summary information for each. Follows standard List model. See the documentation of the Permission-List schema, below. List supports the following common parameters for List results, pagination controls and query filters:
- pgSz for page size
- pgNum for page size
- res for resource name
Examples:
GET /cspace-services/authorization/permissions/ HTTP/1.1 GET /cspace-services/authorization/permissions/?pgSz=10 HTTP/1.1
Permission REST payload schemas
Permission instance schema
Create and Update should use the following schema.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:permission xmlns:ns2="http://collectionspace.org/services/authorization"> <resourceName>accounts</resourceName> <action> <name>CREATE</name> </action> <action> <name>READ</name> </action> <action> <name>UPDATE</name> </action> <action> <name>DELETE</name> </action> <action> <name>SEARCH</name> </action> <effect>PERMIT</effect> </ns2:permission>
Read will return the above, plus additional fields (csid) for access:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:permission xmlns:ns2="http://collectionspace.org/services/authorization" csid="1e1cf935-6d43-4117-bd34-9f39bd4a00f6"> <resourceName>accounts</resourceName> <action Hjid="1"> <name>CREATE</name> </action> <action Hjid="2"> <name>READ</name> </action> <action Hjid="3"> <name>UPDATE</name> </action> <action Hjid="4"> <name>DELETE</name> </action> <action Hjid="5"> <name>SEARCH</name> </action> <effect>PERMIT</effect> <createdAt>2010-04-12T15:08:48.000</createdAt> </ns2:permission>
Note: Hjid could be ignored. In future revision, it won't be visible in the payload.
Permission-List schema
List (and variants) will return the following schema. Note the standard pagination support.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?> <ns2:permissions_list xmlns:ns2="http://collectionspace.org/services/authorization"> <permission csid="1e1cf935-6d43-4117-bd34-9f39bd4a00f6"> <resourceName>accounts</resourceName> <action Hjid="1"> <name>CREATE</name></action> <action Hjid="2"> <name>READ</name> </action> <action Hjid="3"> <name>UPDATE</name> </action> <action Hjid="4"> <name>DELETE</name> </action> <action Hjid="5"> <name>SEARCH</name> </action> <effect>PERMIT</effect> <createdAt>2010-04-12T15:08:48.000</createdAt> </permission> <permission csid="9eb2a143-6613-4c68-87e3-6d9725871fff"> <resourceName>collectionobjects</resourceName> <action Hjid="6"> <name>CREATE</name> </action> <action Hjid="7"> <name>READ</name> </action> <action Hjid="8"> <name>UPDATE</name> </action> <action Hjid="9"> <name>DELETE</name> </action> <action Hjid="10"> <name>SEARCH</name> </action> <effect>PERMIT</effect> <createdAt>2010-04-12T15:08:58.000</createdAt> </permission>