Web RBAC API for managing role based access control settings.

Get all permissions list

URI: https://hub.cfengine.com/api/rbac

Method: GET

Example request (curl):

curl -k --user <username>:<password> \
  -X GET \
  https://hub.cfengine.com/api/rbac

Example response:

[
    {
        "alias": "Inventory.post",
        "group": "Inventory API",
        "name": "Get inventory report",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "VariablesDictionary.get",
        "group": "Inventory API",
        "name": "Get inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "variablesDictionaryUpdate.post",
        "group": "Inventory API",
        "name": "Update inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    }
]

Output:

Get current user permissions

URI: https://hub.cfengine.com/api/rbac/user-permissions

Method: GET

Example request (curl):

curl -k --user <username>:<password> \
  -X GET \
  https://hub.cfengine.com/api/rbac/user-permissions

Example response:

[
    {
        "alias": "Inventory.post",
        "group": "Inventory API",
        "name": "Get inventory report",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "VariablesDictionary.get",
        "group": "Inventory API",
        "name": "Get inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "variablesDictionaryUpdate.post",
        "group": "Inventory API",
        "name": "Update inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    }
]

Get role permissions

URI: https://hub.cfengine.com/api/role/:role_name/permissions

Method: GET

Parameters:

Example request (curl):

curl -k --user <username>:<password> \
  -X GET \
  https://hub.cfengine.com/api/role/admin/permissions

Example response:

[
    {
        "alias": "Inventory.post",
        "group": "Inventory API",
        "name": "Get inventory report",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "VariablesDictionary.get",
        "group": "Inventory API",
        "name": "Get inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    },
    {
        "alias": "variablesDictionaryUpdate.post",
        "group": "Inventory API",
        "name": "Update inventory attributes",
        "description": "",
        "application": "API",
        "allowed_by_default": true
    }
]

Add permissions to role

URI: https://hub.cfengine.com/api/role/:role_name/permissions

Method: POST

Assign new permission to role. Permissions will be added to existing permission list.

Parameters:

Example request (curl):

curl -k --user <username>:<password> \
  -X POST \
  https://hub.cfengine.com/api/role/role_name/permissions \
  -H 'content-type: application/json' \
  -d '["Inventory.post", "VariablesDictionary.get"]'

Example response:

 HTTP 201 Created

Rewrite role’s permissions

URI: https://hub.cfengine.com/api/role/:role_name/permissions

Method: PUT

Assign permission to role. New permissions replace existing.

Parameters:

Example request (curl):

curl -k --user <username>:<password> \
  -X PUT \
  https://hub.cfengine.com/api/role/role_name/permissions \
  -H 'content-type: application/json' \
  -d '["Inventory.post", "VariablesDictionary.get"]'

Example response:

 HTTP 201 Created

Revoke permissions from role

URI: https://hub.cfengine.com/api/role/:role_name/permissions

Method: DELETE

Parameters:

Example request (curl):

curl -k --user <username>:<password> \
  -X DELETE \
  https://hub.cfengine.com/api/role/role_name/permissions \
  -H 'content-type: application/json' \
  -d '["Inventory.post", "VariablesDictionary.get"]'

Example response:

 HTTP 204 No Content