Suppose you have two COs with these COUs:
CO 4:
- L and S
- Chemistry
- Physics
- Astronomy
CO 5:
- Optics Team
- Diffraction Team
- Storage Ring Team
Listing
The REST call for a Platform API User (CO 1) might look like this:
| Code Block | ||
|---|---|---|
| ||
$ curl -s -X GET -u co_1.platform_rest_user:password https://example.com/registry/cous.json | python -m json.tool
{
"Cous": [
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "4",
"Created": "2020-11-16 12:00:00",
"Deleted": false,
"Description": "College of Letters and Science",
"Id": "6",
"Lft": "11",
"Modified": "2020-11-16 12:00:00",
"Name": "L and S",
"Revision": "0",
"Rght": "18",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "4",
"Created": "2020-11-16 12:00:19",
"Deleted": false,
"Description": "Physics Department",
"Id": "7",
"Lft": "12",
"Modified": "2020-11-16 12:00:19",
"Name": "Physics",
"ParentId": "6",
"Revision": "0",
"Rght": "15",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "4",
"Created": "2020-11-16 12:00:43",
"Deleted": false,
"Description": "Astronomy Department",
"Id": "8",
"Lft": "13",
"Modified": "2020-11-16 12:00:43",
"Name": "Astronomy",
"ParentId": "7",
"Revision": "0",
"Rght": "14",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "4",
"Created": "2020-11-16 12:00:58",
"Deleted": false,
"Description": "Chemistry Department",
"Id": "9",
"Lft": "16",
"Modified": "2020-11-16 12:00:58",
"Name": "Chemistry",
"ParentId": "6",
"Revision": "0",
"Rght": "17",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:09:18",
"Deleted": false,
"Description": "Optics Team",
"Id": "12",
"Lft": "21",
"Modified": "2020-11-16 12:09:18",
"Name": "Optics Team",
"Revision": "0",
"Rght": "24",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:09:45",
"Deleted": false,
"Description": "Diffraction Team",
"Id": "13",
"Lft": "22",
"Modified": "2020-11-16 12:09:45",
"Name": "Diffraction Team",
"ParentId": "12",
"Revision": "0",
"Rght": "23",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:10:31",
"Deleted": false,
"Description": "Stoarge Ring Team",
"Id": "14",
"Lft": "25",
"Modified": "2020-11-16 12:10:31",
"Name": "Storage Ring Team",
"Revision": "0",
"Rght": "26",
"Version": "1.0"
}
],
"ResponseType": "Cous",
"Version": "1.0"
} |
The same call with a Privileged CO API User (CO 5) will result in a 401 Unauthorized since the Privileged CO API User does not have access to all COs:
| Code Block | ||
|---|---|---|
| ||
$ curl --verbose -X GET -u co_5.my_rest_user:password https://example.com/registry/cous.json > GET /registry/cous.json HTTP/2 > Authorization: Basic Y29fNS5teV9yZXN0X3VzZXI6ZzBmei1vODJuLXVpNzQtNnliaw== > User-Agent: curl/7.64.0 > Accept: */* > < HTTP/2 401 |
Instead the Privileged CO API User should specify the (numeric) CO to which the user has access using the View (per CO) syntax
| Code Block | ||
|---|---|---|
| ||
$ curl -s -X GET -u co_5.my_rest_user:password https://example.com/registry/cous.json?coid=5 | python -m json.tool
{
"Cous": [
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:09:18",
"Deleted": false,
"Description": "Optics Team",
"Id": "12",
"Lft": "21",
"Modified": "2020-11-16 12:09:18",
"Name": "Optics Team",
"Revision": "0",
"Rght": "24",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:09:45",
"Deleted": false,
"Description": "Diffraction Team",
"Id": "13",
"Lft": "22",
"Modified": "2020-11-16 12:09:45",
"Name": "Diffraction Team",
"ParentId": "12",
"Revision": "0",
"Rght": "23",
"Version": "1.0"
},
{
"ActorIdentifier": "phil.hines@comanage.incommon.training",
"CoId": "5",
"Created": "2020-11-16 12:10:31",
"Deleted": false,
"Description": "Stoarge Ring Team",
"Id": "14",
"Lft": "25",
"Modified": "2020-11-16 12:10:31",
"Name": "Storage Ring Team",
"Revision": "0",
"Rght": "26",
"Version": "1.0"
}
],
"ResponseType": "Cous",
"Version": "1.0"
} |
Adding
A Privileged CO API User (CO 5) may add a new COU for CO 5 like this:
| Code Block | ||
|---|---|---|
| ||
$ cat cou_request.json
{
"RequestType":"Cous",
"Version":"1.0",
"Cous":
[
{
"Version":"1.0",
"CoId":"5",
"ParentId":"14",
"Name":"Undulator Team",
"Description":"Undulator Team"
}
]
}
$ curl \
-d @cou_request.json \
-X POST -H 'Content-type: application/json' \
-u co_5.my_rest_user:password \
https://example.com/registry/cous.json | python -m json.tool
{
"Id": "16",
"ObjectType": "Cou",
"ResponseType": "NewObject",
"Version": "1.0"
} |