REST-based API for Permission

The Authorization Service offers a REST-based Application Programming Interface (API) to CRUD (create, read, update, and delete) operations on individual permission instances, and on the associated permission and account instances. These follow the Common model for CollectionSpace REST services.

Authorization Service - Permission RESTful APIs - Release v0.7 Alpha#Permission CRUD+L services
Authorization Service - Permission RESTful APIs - Release v0.7 Alpha#Permission REST payload schemas

Note that the authorization service does not support extensible schema. That means, the request or response contains the payload only from a single schema, the Content-type header of application/xml is used.

Permission CRUD+L services

Create a Permission

Creates a new Permission record. Assigns a unique, service-specified CollectionSpace ID (CSID) to that Permission record. Follows standard Create model. See the documentation of the Permission schema, below. Example:

POST /cspace-services/authorization/permissions HTTP/1.1

Read a Permission

Reads an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Read model. See the documentation of the Permission schema, below. Example:

GET /cspace-services/authorization/permissions/{id} HTTP/1.1

Update a Permission

Updates an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Update model. See the documentation of the Permission schema, below. Example:

PUT /cspace-services/authorization/permissions/{id} HTTP/1.1

Delete a Permission

Deletes an existing Permission record, specified by its CollectionSpace ID (CSID). Follows standard Delete model. Example:

DELETE /cspace-services/authorization/permissions/{id} HTTP/1.1

List Permission instances

Lists existing Permission records, with summary information for each. Follows standard List model. See the documentation of the Permission-List schema, below. List supports the following common parameters for List results, pagination controls and query filters:

pgSz for page size
pgNum for page size
res for resource name

Examples:

GET /cspace-services/authorization/permissions/ HTTP/1.1
GET /cspace-services/authorization/permissions/?pgSz=10 HTTP/1.1

Permission REST payload schemas

Permission instance schema

Create and Update should use the following schema.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:permission xmlns:ns2="http://collectionspace.org/services/authorization">
    <resourceName>accounts</resourceName>
    <action>
        <name>CREATE</name>
    </action>
    <action>
        <name>READ</name>
    </action>
    <action>
        <name>UPDATE</name>
    </action>
    <action>
        <name>DELETE</name>
    </action>
    <action>
        <name>SEARCH</name>
    </action>
    <effect>PERMIT</effect>
</ns2:permission>

Read will return the above, plus additional fields (csid) for access:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:permission xmlns:ns2="http://collectionspace.org/services/authorization" csid="1e1cf935-6d43-4117-bd34-9f39bd4a00f6">
    <resourceName>accounts</resourceName>
    <action Hjid="1">
        <name>CREATE</name>
    </action>
    <action Hjid="2">
        <name>READ</name>
    </action>
    <action Hjid="3">
        <name>UPDATE</name>
    </action>
    <action Hjid="4">
        <name>DELETE</name>
    </action>
    <action Hjid="5">
        <name>SEARCH</name>
    </action>
    <effect>PERMIT</effect>
    <createdAt>2010-04-12T15:08:48.000</createdAt>
</ns2:permission>

Note: Hjid could be ignored. In future revision, it won't be visible in the payload.

Permission-List schema

List (and variants) will return the following schema. Note the standard pagination support.

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<ns2:permissions_list xmlns:ns2="http://collectionspace.org/services/authorization">
<permission csid="1e1cf935-6d43-4117-bd34-9f39bd4a00f6">
    <resourceName>accounts</resourceName>
    <action Hjid="1">
        <name>CREATE</name></action>
    <action Hjid="2">
        <name>READ</name>
    </action>
    <action Hjid="3">
        <name>UPDATE</name>
    </action>
    <action Hjid="4">
        <name>DELETE</name>
    </action>
    <action Hjid="5">
        <name>SEARCH</name>
    </action>
    <effect>PERMIT</effect>
    <createdAt>2010-04-12T15:08:48.000</createdAt>
</permission>
<permission csid="9eb2a143-6613-4c68-87e3-6d9725871fff">
    <resourceName>collectionobjects</resourceName>
    <action Hjid="6">
        <name>CREATE</name>
    </action>
    <action Hjid="7">
        <name>READ</name>
    </action>
    <action Hjid="8">
        <name>UPDATE</name>
    </action>
    <action Hjid="9">
        <name>DELETE</name>
    </action>
    <action Hjid="10">
        <name>SEARCH</name>
    </action>
    <effect>PERMIT</effect>
    <createdAt>2010-04-12T15:08:58.000</createdAt>
</permission>