Skip to content

Instantly share code, notes, and snippets.

@jhamon

jhamon/proposed-endpoints.txt

Last active June 17, 2017 02:36
Show Gist options
  • Save jhamon/bbd644b5ed429def1766b0bc756e0e69 to your computer and use it in GitHub Desktop.
Save jhamon/bbd644b5ed429def1766b0bc756e0e69 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
proposed-endpoints.txt
# Define a new role called space_developer
POST /roles
{
'name': 'space_developer',
'resourceActionTemplates': [
{
'resource': 'urn:app:/{org-guid}/{space-guid}/*',
'actions': ['read', 'create', 'delete', 'update', 'run']
},
{
'resource': 'urn:space:/{org-guid}/{space-guid}',
'actions': ['read']
},
{
'resource': 'urn:org-quota:/{org-guid}/*',
'actions': ['read']
},
{
'resource': 'urn:space-quota:/{org-guid}/{space-guid}/*',
'actions': ['read']
}
]
}
# See the role definition
GET /roles/space_developer
{
'name': 'space_developer',
'resourceActionTemplates': [
{
'resource': 'urn:app:/{org-guid}/{space-guid}/*',
'actions': ['read', 'create', 'delete', 'update', 'run']
},
{
'resource': 'urn:space:/{org-guid}/{space-guid}',
'actions': ['read']
},
{
'resource': 'urn:org-quota:/{org-guid}/*',
'actions': ['read']
},
{
'resource': 'urn:space-quota:/{org-guid}/{space-guid}/*',
'actions': ['read']
}
]
}
# Bind the space_developer role to a user
POST /role-bindings
{
'subject': 'jen-guid',
'role': 'space_developer'
'context': {
'org-guid': 'foo-org-guid',
'space-guid': 'foo-space-guid'
}
}
# See who has the SpaceDeveloper role
GET /role-bindings?role=space_developer
[{
'subject': 'jen-guid',
'role': 'space_developer'
'context': {
'org-guid': 'foo-org-guid',
'space-guid': 'foo-space-guid'
}
}]
# See what roles a person has
GET /role-bindings?subject=jen-guid
[{
'subject': 'jen-guid',
'role': 'space_developer'
'context': {
'org-guid': 'foo-org-guid',
'space-guid': 'foo-space-guid'
}
}]
# See acl for a specific resource
GET http://localhost:8080/acl?resource=urn:app:org-guid/space-guid/app-guid
{
'accessControlEntries': [
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'create',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'read',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'update',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'delete',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'run',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/app-guid',
'action': 'read',
'subject': 'space-auditor-person'
},
{
'resource': 'urn:app:*',
'action': 'create',
'subject': 'admin-person'
},
{
'resource': 'urn:app:*',
'action': 'read',
'subject': 'admin-person'
},
{
'resource': 'urn:app:*',
'action': 'update',
'subject': 'admin-person'
},
{
'resource': 'urn:app:*',
'action': 'delete',
'subject': 'admin-person'
},
{
'resource': 'urn:app:*',
'action': 'run',
'subject': 'admin-person'
}
]
}
# See acl for a specific resource, filtering by action
GET http://localhost:8080/acl?resource=urn:app:space/org-guid/space-guid/app-guid&action=read
{
'accessControlEntries': [
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'read',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/app-guid',
'action': 'read',
'subject': 'space-auditor-person'
},
{
'resource': 'urn:app:*',
'action': 'read',
'subject': 'admin-person'
}
]
}
# See acl for a specific resource, filtering by action and subject
GET http://localhost:8080/acl?resource=urn:app:space/org-guid/space-guid/app-guid&action=read&subject=space-dev-person
{
'accessControlEntries': [
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'read',
'subject': 'space-dev-person'
}
]
}
# See ACE entries related to a particular subject
GET http://localhost:8080/acl?subject=space-dev-person
{
'accessControlEntries': [
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'create',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'read',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'update',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'delete',
'subject': 'space-dev-person'
},
{
'resource': 'urn:app:org-guid/space-guid/*',
'action': 'run',
'subject': 'space-dev-person'
},
{
'resource': 'urn:space:org-guid/space-guid',
'action': 'read',
'subject': 'space-dev-person'
},
{
'resource': 'urn:org-quota:org-guid/*',
'action': 'read',
'subject': 'space-dev-person'
},
{
'resource': 'urn:space-quota:org-guid/space-guid/*',
'action': 'read',
'subject': 'space-dev-person'
}
]
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment