mirror of
https://github.com/paralus/paralus.git
synced 2026-03-06 02:50:20 +00:00
35edd2dee5
* Update dependencies from authz * authz: fix log import path * Authz related creation steps * Fix typo: Namesapce -> Namespace * Add tests for role creation interaction with authz * Switch to using names for policy and group creation in authz * Group creation not udpates casbin db * Fix reading db address from env * Tiny typo fix in readme * Simplify error handling in usermgmt server * Rework test setup * Fix all current tests * Complete authz integration * Drop unnecessary dependency on adminsrv in usermgmt
194 lines
3.6 KiB
ReStructuredText
194 lines
3.6 KiB
ReStructuredText
:host = http://localhost:11000
|
|
:partner = important-partner
|
|
:org = hello
|
|
:project = hello
|
|
:group = group-name
|
|
:role = role-name
|
|
:user = user.name@provider.com
|
|
:namespace = 7
|
|
|
|
## Users
|
|
|
|
# Create user
|
|
POST :host/auth/v3/users
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
partner: :partner
|
|
organization: :org
|
|
name: :user
|
|
spec:
|
|
firstName: John
|
|
lastName: Doe
|
|
|
|
# Create user with roles
|
|
POST :host/auth/v3/users
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
partner: :partner
|
|
organization: :org
|
|
name: :user
|
|
spec:
|
|
firstName: John
|
|
lastName: Doe
|
|
projectNamespaceRoles:
|
|
- role: NAMESPACE_ADMIN
|
|
namespace: :namespace
|
|
project: :project
|
|
|
|
# Get all users
|
|
GET :host/auth/v3/users
|
|
Content-Type: application/yaml
|
|
|
|
# Get single user
|
|
GET :host/auth/v3/user/:user
|
|
Content-Type: application/yaml
|
|
|
|
# Update user info
|
|
PUT :host/auth/v3/user/:user
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
partner: :partner
|
|
organization: :org
|
|
name: :user
|
|
spec:
|
|
firstName: John
|
|
lastName: Cena
|
|
projectNamespaceRoles:
|
|
- role: ADMIN
|
|
|
|
# Delete single user
|
|
DELETE :host/auth/v3/user/:user
|
|
|
|
|
|
## Groups
|
|
|
|
# Create group
|
|
POST :host/auth/v3/partner/:partner/organization/:org/groups
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :group
|
|
description: My first description
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
type: simple
|
|
users:
|
|
- :user
|
|
projectNamespaceRoles:
|
|
- role: NAMESPACE_ADMIN
|
|
namespace: :namespace
|
|
project: :project
|
|
|
|
# Create group no namespace and project
|
|
POST :host/auth/v3/partner/:partner/organization/:org/groups
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :group
|
|
description: My first description
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
type: simple
|
|
users:
|
|
- :user
|
|
projectNamespaceRoles:
|
|
- role: CLUSTER_ADMIN
|
|
|
|
# Update group to no namespace
|
|
PUT :host/auth/v3/partner/:partner/organization/:org/group/:group
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :group
|
|
description: My first description
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
type: simple
|
|
users:
|
|
- :user
|
|
projectNamespaceRoles:
|
|
- role: ADMIN
|
|
|
|
|
|
# Get all groups
|
|
GET :host/auth/v3/partner/:partner/organization/:org/groups
|
|
Content-Type: application/yaml
|
|
|
|
# Get a group
|
|
GET :host/auth/v3/partner/:partner/organization/:org/group/:group
|
|
Content-Type: application/yaml
|
|
|
|
# Delete a group
|
|
DELETE :host/auth/v3/partner/:partner/organization/:org/group/:group
|
|
Content-Type: application/yaml
|
|
|
|
## Roles
|
|
|
|
# Create empty role
|
|
POST :host/auth/v3/partner/:partner/organization/:org/roles
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :role
|
|
description: My first role
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
isGlobal: true
|
|
scope: cluster
|
|
|
|
# Create role
|
|
POST :host/auth/v3/partner/:partner/organization/:org/roles
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :role
|
|
description: My first role
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
isGlobal: true
|
|
scope: cluster
|
|
rolepermissions:
|
|
- account.read
|
|
- ops_star.all
|
|
|
|
# Update role
|
|
PUT :host/auth/v3/partner/:partner/organization/:org/role/:role
|
|
Content-Type: application/yaml
|
|
|
|
metadata:
|
|
name: :role
|
|
description: My first role
|
|
partner: :partner
|
|
organization: :org
|
|
spec:
|
|
isGlobal: true
|
|
scope: cluster
|
|
rolepermissions:
|
|
- account.read
|
|
|
|
# Get all roles
|
|
GET :host/auth/v3/partner/:partner/organization/:org/roles
|
|
Content-Type: application/yaml
|
|
|
|
# Get a role
|
|
GET :host/auth/v3/partner/:partner/organization/:org/role/:role
|
|
Content-Type: application/yaml
|
|
|
|
# Delete a role
|
|
DELETE :host/auth/v3/partner/:partner/organization/:org/role/:role
|
|
Content-Type: application/yaml
|
|
|
|
|
|
## Rolepermission
|
|
|
|
# Get all rolepermissions
|
|
GET :host/auth/v3/rolepermissions
|
|
Content-Type: application/yaml |