Suppose you have two COs with these COUs:
CO 4:
- L and S
- Chemistry
- Physics
- Astronomy
CO 5:
- Optics Team
- Diffraction Team
- Storage Ring Team
Listing
The REST call for a Platform API User (CO 1) might look like this:
Code Block | ||
---|---|---|
| ||
$ curl -s -X GET -u co_1.platform_rest_user:password https://example.com/registry/cous.json | python -m json.tool { "Cous": [ { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "4", "Created": "2020-11-16 12:00:00", "Deleted": false, "Description": "College of Letters and Science", "Id": "6", "Lft": "11", "Modified": "2020-11-16 12:00:00", "Name": "L and S", "Revision": "0", "Rght": "18", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "4", "Created": "2020-11-16 12:00:19", "Deleted": false, "Description": "Physics Department", "Id": "7", "Lft": "12", "Modified": "2020-11-16 12:00:19", "Name": "Physics", "ParentId": "6", "Revision": "0", "Rght": "15", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "4", "Created": "2020-11-16 12:00:43", "Deleted": false, "Description": "Astronomy Department", "Id": "8", "Lft": "13", "Modified": "2020-11-16 12:00:43", "Name": "Astronomy", "ParentId": "7", "Revision": "0", "Rght": "14", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "4", "Created": "2020-11-16 12:00:58", "Deleted": false, "Description": "Chemistry Department", "Id": "9", "Lft": "16", "Modified": "2020-11-16 12:00:58", "Name": "Chemistry", "ParentId": "6", "Revision": "0", "Rght": "17", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:09:18", "Deleted": false, "Description": "Optics Team", "Id": "12", "Lft": "21", "Modified": "2020-11-16 12:09:18", "Name": "Optics Team", "Revision": "0", "Rght": "24", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:09:45", "Deleted": false, "Description": "Diffraction Team", "Id": "13", "Lft": "22", "Modified": "2020-11-16 12:09:45", "Name": "Diffraction Team", "ParentId": "12", "Revision": "0", "Rght": "23", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:10:31", "Deleted": false, "Description": "Stoarge Ring Team", "Id": "14", "Lft": "25", "Modified": "2020-11-16 12:10:31", "Name": "Storage Ring Team", "Revision": "0", "Rght": "26", "Version": "1.0" } ], "ResponseType": "Cous", "Version": "1.0" } |
The same call with a Privileged CO API User (CO 5) will result in a 401 Unauthorized since the Privileged CO API User does not have access to all COs:
Code Block | ||
---|---|---|
| ||
$ curl --verbose -X GET -u co_5.my_rest_user:password https://example.com/registry/cous.json > GET /registry/cous.json HTTP/2 > Authorization: Basic Y29fNS5teV9yZXN0X3VzZXI6ZzBmei1vODJuLXVpNzQtNnliaw== > User-Agent: curl/7.64.0 > Accept: */* > < HTTP/2 401 |
Instead the Privileged CO API User should specify the (numeric) CO to which the user has access using the View (per CO) syntax
Code Block | ||
---|---|---|
| ||
$ curl -s -X GET -u co_5.my_rest_user:password https://example.com/registry/cous.json?coid=5 | python -m json.tool { "Cous": [ { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:09:18", "Deleted": false, "Description": "Optics Team", "Id": "12", "Lft": "21", "Modified": "2020-11-16 12:09:18", "Name": "Optics Team", "Revision": "0", "Rght": "24", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:09:45", "Deleted": false, "Description": "Diffraction Team", "Id": "13", "Lft": "22", "Modified": "2020-11-16 12:09:45", "Name": "Diffraction Team", "ParentId": "12", "Revision": "0", "Rght": "23", "Version": "1.0" }, { "ActorIdentifier": "phil.hines@comanage.incommon.training", "CoId": "5", "Created": "2020-11-16 12:10:31", "Deleted": false, "Description": "Stoarge Ring Team", "Id": "14", "Lft": "25", "Modified": "2020-11-16 12:10:31", "Name": "Storage Ring Team", "Revision": "0", "Rght": "26", "Version": "1.0" } ], "ResponseType": "Cous", "Version": "1.0" } |
Adding
A Privileged CO API User (CO 5) may add a new COU for CO 5 like this:
Code Block | ||
---|---|---|
| ||
$ cat cou_request.json { "RequestType":"Cous", "Version":"1.0", "Cous": [ { "Version":"1.0", "CoId":"5", "ParentId":"14", "Name":"Undulator Team", "Description":"Undulator Team" } ] } $ curl \ -d @cou_request.json \ -X POST -H 'Content-type: application/json' \ -u co_5.my_rest_user:password \ https://example.com/registry/cous.json | python -m json.tool { "Id": "16", "ObjectType": "Cou", "ResponseType": "NewObject", "Version": "1.0" } |