Skip to content

Note

This page is still a work in progress!

Permission APIs

Adding a permission string

Overview

Description Adds a new permission string.
API Context /permissions
HTTP Method POST
Request/Response format application/json
Authentication Basic
Username admin
Password admin
Runtime server/tooling

curl command syntax

curl -X POST https://<HOST_NAME>:<PORT>/permissions/ -H 'content-type: application/json' -d ' { "appName":"<SIDDHI_APPLICATION_NAME>", "permissionString":"<PERMISSION_STRING>"}' -k

Sample curl command

curl -X POST https://localhost:9443/permissions/ -H 'content-type: application/json' -d ' { "appName":"MON", "permissionString":"MON.manager"}' -k

Sample output

Returns the permission ID for the particular permission string

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Getting a permission ID for a permission string

Overview

Description Returns the permission ID for a given permission string.
API Context /permissions/app/{appName}
HTTP Method GET
Request/Response format application/json
Authentication Basic
Username admin
Password admin
Runtime server/tooling
Parameter Description
{appName}

curl command syntax

curl -X GET https://<HOST_NAME>:<PORT>/permissions/app/{appName}

Sample curl command

curl -X GET https://localhost:9443/permissions/app/MON

Sample output

[{"permissionID": "f0c74633-2f07-3896-841a-154afb0c29da","permissionString": "MON.consumer"}]

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Checking whether a specific user role is granted a specific permission

Overview

Description Checks whether the specified user role is granted a specific permission.
API Context /permissions/auth/{permissionID}/{roleName}
HTTP Method GET
Request/Response format
Authentication
Username
Password
Runtime server/tooling
Parameter Description
{permissionID} The ID of a specific permission. The API checks whether this permission is granted to the specified user role.
{roleName} The ID of a specific user role. The API checks whether this user role is granted the specified permission ID.

curl command syntax

curl --location --request GET 'https://<host>:port/permissions/auth/<permission-string-id>/<user>'

Sample curl command

curl --location --request GET 'https://localhost:9443/permissions/auth/f0c74633-2f07-3896-841a-154afb0c29da/admin'

Sample output

{ "code": 4, "type": "ok", "message": "Checking permission for app:f0c74633-2f07-3896-841a-154afb0c29da role: admin successful" }

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Deleting a permission string

Overview

Description Deletes the specified permission string.
API Context /permissions/{permissionID}
HTTP Method DELETE
Request/Response format
Authentication
Username
Password
Runtime server/tooling
Parameter Description
{permissionID} The ID of the permission string to be deleted.

curl command syntax

curl -X DELETE https://<HOST_NAME>:<PORT>/permissions/{permissionID}

Sample curl command

curl -X DELETE https://localhost:9443/permissions/e9687c6f-b5b2-3216-b3bd-82e7a8e14367

Sample output

{ 
  "code": 4, 
  "type": "ok", 
  "message": "Deleted permission with ID: f0c74633-2f07-3896-841a-154afb0c29da" 
}

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Listing roles with a specific permission

Overview

Description Lists the user roles that are currently granted the specified user role.
API Context /permissions/{permissionsID}/roles
HTTP Method GET
Request/Response format
Authentication
Username
Password
Runtime server/tooling
Parameter Description
{permissionID} The ID of the permission for which the user roles need to be listed.

curl command syntax

curl -X GET https://<HOST_NAME>:<PORT>/permissions/{permissionID}/roles

Sample curl command

curl -X GET https://localhost:9443/permissions/8dc31fec-8364-3082-9f88-c7ca7d979873/roles

Sample output

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Revoking a specific permission for all roles

Overview

Description Revokes the specified permission for all the user roles.
API Context /permissions/revoke/{permissionID}
HTTP Method POST
Request/Response format
Authentication
Username
Password
Runtime server/tooling
Parameter Description
{permissionID} The ID of the permission that needs to be revoked for all user roles.

curl command syntax

curl -X POST https://<HOST_NAME>:<PORT>/permissions/revoke/{permissionID}

Sample curl command

curl -X POST https://localhost:9443/permissions/revoke/8dc31fec-8364-3082-9f88-c7ca7d979873

Sample output

{ 
  "code": 4, 
  "type": "ok", 
  "message": "Permission revoke for permissionID e9687c6f-b5b2-3216-b3bd-82e7a8e14367 success." 
}

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Revoking a specific permission for a specific role

Overview

Description Grants or revokes a permission for the specified user role. The permission is passed as an array in the body of the request.
API Context /permissions/roles/{roleID}?action=revoke/grant
HTTP Method POST
Request/Response format application/json
Authentication
Username
Password
Runtime server/tooling
Parameter Description
{roleID} The ID of the user role for which the permission given in the request body needs to be granted or revoked.

curl command syntax

curl -X POST 'https://<host>:<port>/permissions/roles/<user>?action=revoke' -H 'content-type: application/json' -d ' { "appName":"<Siddhi-app-name>", "permissionString":"<permission-string>"}' -k

Sample curl command

curl -X POST 'https://localhost:9444/permissions/roles/admin?action=revoke' -H 'content-type: application/json' -d ' { "appName":"MON", "permissionString":"MON.consumer"}' -k

Sample output

{
  "code":4,
  "type":"ok",
  "message":"Action, revoke for permission, Permission[appName\u003dMON, permissionString\u003dMON.consumer] successful."
}

Response

HTTP Status Code

Possible codes are 200 and 404.

For descriptions of the HTTP status codes, see HTTP Status Codes .

Top