/auth/v1/roles/<role_ID>: PUT
Assigns a role to users or user groups.
The following table shows which roles can access this REST API endpoint:
Data admin | Data user | Collection Admin | Admin | Service user |
---|---|---|---|---|
Χ | Χ | ✓ | ✓ | Χ |
The following roles can be assigned to a user:
- admin
- Default user role created by the system. Users with this role can create other users, projects, domains, and assign roles. Users with this role cannot see metadata records.
- dataadmin
- The users with this role can see all metadata records across projects.
- datauser
- This role is ideal for a researcher or data scientist. Users with this role can see records that are associated with projects to which they belong.
- serviceuser
- This user role intended for service personnel. Users with this role have read only access to the system logs.
Synopsis of the request URL
curl -k -H ‘Authorization: Bearer <token>’ -X PUT https://<spectrum_discover_host>/auth/v1/roles/<role_ID> -d ‘<details of where role is to be assigned>’
You can specify the following details in the roles endpoint to assign roles to
the corresponding component. An example follows this list.
- user_id
- The user ID to which the role must be assigned.
- group_id
- The group to which the role must be assigned.
- project_id
- The project to which the role must be assigned.
- domain_id
- The domain to which the role must be assigned.
The following examples illustrate how to specify these fields to
assign a role to a domain or
collection:
{
"user_id": <string> [optional],
"group_id": <string> [optional],
"collection_id": <string> [optional],
"domain_id": <string> [optional]
}
example [assign role to user in default domain]
{
"user_id": "5b3cd6af1c38479aa3a8cb220230c651"
}
example [assign role to user in specific domain]
{
"user_id": "5b3cd6af1c38479aa3a8cb220230c651",
"domain_id": "4bfa9a9f71154dbeb554261a1c8d9a53"
}
example [assign role to user in specific collection]
{
"user_id": "5b3cd6af1c38479aa3a8cb220230c651",
"collection_id": "3b8c501b173c4ebcb99f322a4f7cf60e"
}
Supported request types and response formats
Supported request types:
- PUT
- JSON
Examples
Example 1: Assigning a role to a specific user.
Request:
curl -k -H 'Content-Type: application/json' -H ‘Authorization: Bearer <token>’ -X PUT
https://<spectrum_discover_host>/auth/v1/roles/4a5415cb9cc5460aafe12a6f6206448e
-d ‘{"user_id": "5b3cd6af1c38479aa3a8cb220230c651"}’
Response:
200 OK
Example 2: Assigning a role to a group.
Request:
curl -k -H 'Content-Type: application/json' -H ‘Authorization: Bearer <token>’ -X PUT
https://<spectrum_discover_host>/auth/v1/roles/4a5415cb9cc5460aafe12a6f6206448e
-d ‘{"group_id": "6c4de7af1c38479aa3a8cb220230d762"}’
Response:
200 OK
Example 3: Assigning role for a user in a collection.
Request:
curl -k -H 'Content-Type: application/json' -H ‘Authorization: Bearer <token>’ -X PUT
https://<spectrum_discover_host>/auth/v1/roles/4a5415cb9cc5460aafe12a6f6206448e
-d ‘{"user_id": "5b3cd6af1c38479aa3a8cb220230c651", “domain_id”: “af1c38479a5b3cd6c651a3a8cb220230”}’
Response:
200 OK