Legacy Product

Fusion 5.10
    Fusion 5.10

    Roles API

    Roles are groups of permissions that allow access to the UI and the REST APIs. See Roles for details.

    Security Realms can be configured to use LDAP group membership to assign Roles to users. See the LDAP configuration instructions for details.

    Create, Update or Delete Roles

    The endpoint for this request can take the role ID as a request parameter:

    /api/roles/<id>

    The role ID string is generated by Fusion when the role is created.

    A GET request returns the configured roles for a specific ID. If the ID is omitted from the path, all roles will be returned.

    A POST request creates a new role. When creating a new role, the request path is /api/roles. If the role is created, the request returns the role ID.

    In order to see this object within the Fusion UI, it must be associated with an app. To do this, create the object using the /apps endpoint.

    A PUT request updates an existing role.

    A DELETE request will remove the role configuration.

    Role Specification

    To create or update a Role via a POST or PUT request, the request body is a JSON object with the following attributes:

    Property Description

    name
    Required

    A string containing the role name.

    desc
    Optional

    A string containing a brief text description, for display on the Access Control "ROLES" panel.

    permissions
    Optional

    A list of permissions, specified in JSON notation. See section Permissions for details.

    uiPermissions
    Optional

    A list of names of UI components.

    The following example describes a role with permissions to access Fusion Dashboards for collection "mdb1":

    {
      "name":"view-dashboard-mdb1",
      "desc":"can access/use analytics dashboard \"mdb1\" but not allowed to change dashboard controls.",
      "permissions":[
        {"methods":["GET"],"path":"/solr/system_banana/*"},
        {"methods":["GET"],"path":"/solr/{id}/*","params":{"id":["mdb1"]}},
        {"methods":["GET"],"path":"/solr/{id}/admin/luke","params":{"id":["mdb1"]}},
        {"methods":["GET"],"path":"/collections/system_banana"}
      ],
      "uiPermissions":[
        "dashboards",
        "fields"
      ]
    }

    Examples

    Get the details for the role with id '3416c03a-31df-4103-b446-358f6790af3e':

    REQUEST

    curl -u USERNAME:PASSWORD https://FUSION_HOST:8764/api/roles/3416c03a-31df-4103-b446-358f6790af3e

    RESPONSE

    {
      "id":"3416c03a-31df-4103-b446-358f6790af3e",
      "name":"search",
      "createdAt":"2016-03-09T20:01:48Z",
      "permissions":[
        {"methods":["GET"],"path":"/query-pipelines/*/collections/*/select"},
        {"methods":["GET"],"path":"/query-pipelines"},
        {"methods":["GET"],"path":"/solr/*/schema"},
        {"methods":["GET"],"path":"/prefs/apps/search/*"},
        {"methods":["GET"],"path":"/collections/**"},
        {"methods":["GET"],"path":"/solr/*/admin/luke"}
      ],
      "uiPermissions":[
        "search",
        "collections"
      ],
      "desc":"Provides read-only/required permissions for the Fusion Search UI."
    }