Update 'Documentation'
parent
89d601f909
commit
3b56114a67
|
@ -18,30 +18,44 @@ ID is any identifier or alias used by OpenAIRE services to identify an entity su
|
|||
|
||||
OpenAIRE services are using Spring Security to authenticate users and check their authorities in OpenAIRE entitities. All these services are sharing a Spring Session through a Redis Database, which is created from OpenAIRE Login Services where a user authenticates himself through AAI Single Sign On Service. The Session contains an OIDCAuthenticationToken Object from [MitreId-Connect](https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server).
|
||||
|
||||
```
|
||||
<!-- Mitre -->
|
||||
<dependency>
|
||||
<groupId>org.mitre</groupId>
|
||||
<artifactId>openid-connect-client</artifactId>
|
||||
<version>1.3.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.bouncycastle</groupId>
|
||||
<artifactId>bcprov-jdk15on</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
```
|
||||
## Role Management
|
||||
|
||||
This service provides 4 controllers with methods to create, assign or revoke roles from users and retrieve information regarding users with a specific Authority. Add session id in a header named "session" in order to use logged in user instead of a user with a specific email. If Authorities' list of a user has been changed, the his active sessions will be updated automatically from this service.
|
||||
This web service provides 4 controllers with methods to create, assign or revoke roles from users and retrieve information of users with a specific Authority. Add session id in a header named "session" in order to use logged in user instead of a user with a specific email. If Authorities' list of a user has been changed, the his active sessions will be updated automatically from this service.
|
||||
|
||||
### Curator Controller ("/curator")
|
||||
### Admin Controller ("/admin")
|
||||
|
||||
Authority format: (TYPE)_(ID)_MANAGER, user must have Authority **(TYPE)_(ID)** in order to acquire this Authority.
|
||||
|
||||
| Method | Path | Path Variables | Params | Description
|
||||
| -------- | -------- | -------- |-------- | -------- |
|
||||
| DELETE | /{type} | **type**: Type of Entity | **email**: Email of user (optional) | Remove Authority CURATOR_(TYPE) from user(s) with this email or logged in user.
|
||||
| DELETE | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity | **email**: Email of user (optional) | Remove Authority (TYPE)_(ID)_MANAGER from user(s) with this email or logged in user, if email isn't provided.
|
||||
| GET | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity |**email**: Set to false to hide email information, default: true, **name**: Set to false to hide name information, default: true | Retrieve information of users with Authority (TYPE)_(ID)_MANAGER.
|
||||
| POST | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity | **email**: Email of user, **force**: if true and Authority (TYPE)_(ID) doesn't exist or user has not Authority (TYPE)_(ID), the Authority will be created and assigned to user, default: false | Assign Authority (TYPE)_(ID)_MANAGER to user(s) with this email or logged in user, if email isn't provided.
|
||||
|
||||
### Curator Controller ("/curator")
|
||||
|
||||
Authority format: CURATOR_(TYPE)
|
||||
|
||||
| Method | Path | Path Variables | Params | Description
|
||||
| -------- | -------- | -------- |-------- | -------- |
|
||||
| DELETE | /{type} | **type**: Type of Entity | **email**: Email of user (optional) | Remove Authority CURATOR_(TYPE) from user(s) with this email or logged in user, if email isn't provided.
|
||||
| GET | /{type} | **type**: Type of Entity |**email**: Set to false to hide email information, default: true, **name**: Set to false to hide name information, default: true | Retrieve information of users with Authority CURATOR_(TYPE).
|
||||
| POST | /{type} | **type**: Type of Entity | **email**: Email of user, **force**: if true and Authority CURATOR_(TYPE) doesn't exist, the Authority will be created, default: false | Assign Authority CURATOR_(TYPE) to user(s) with this email or logged in user.
|
||||
| POST | /{type} | **type**: Type of Entity | **email**: Email of user, **force**: if true and Authority CURATOR_(TYPE) doesn't exist, the Authority will be created, default: false | Assign Authority CURATOR_(TYPE) to user(s) with this email or logged in user, if email isn't provided.
|
||||
| POST | /{type}/create | **type**: Type of Entity | **description**: Desciption of Authority CURATOR_(TYPE) (optional) | Create Authority CURATOR_(TYPE).
|
||||
|
||||
### Member Controller ("/member")
|
||||
|
||||
Authority format: (TYPE)_(ID)
|
||||
|
||||
| Method | Path | Path Variables | Params | Description
|
||||
| -------- | -------- | -------- |-------- | -------- |
|
||||
| DELETE | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity | **email**: Email of user (optional) | Remove Authority (TYPE)_(ID) from user(s) with this email or logged in user, if email isn't provided.
|
||||
| GET | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity |**email**: Set to false to hide email information, default: true, **name**: Set to false to hide name information, default: true | Retrieve information of users with Authority (TYPE)_(ID).
|
||||
| POST | /{type}/{id} | **type**: Type of Entity, **id**: ID of Entity | **email**: Email of user, **force**: if true and Authority (TYPE)_(ID) doesn't exist, the Authority will be created, default: false | Assign Authority CURATOR_(TYPE) to user(s) with this email or logged in user, if email isn't provided.
|
||||
| POST | /{type}/{id} /create | **type**: Type of Entity, **id**: ID of Entity | **description**: Desciption of Authority (TYPE)_(ID) (optional) | Create Authority (TYPE)_(ID), along with (TYPE)_(ID)_(MANAGER).
|
||||
|
||||
### Super Admin Controller ("/super")
|
||||
|
||||
Methods to create other roles, regardless the previous schema.
|
||||
|
||||
| POST | /create | - | **name**: Name of Authority **description**: Desciption of Authority (optional) | Create Authority with this name e.g Test Authority will be TEST_AUTHORITY.
|
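Review bot: In the Member Controller table, the POST /{type}/{id} row describes the call as "Assign Authority CURATOR_(TYPE)", but this section's Authority format is (TYPE)_(ID) and the same row's force param refers to (TYPE)_(ID); it looks copied from the Curator table and should read "Assign Authority (TYPE)_(ID)". In the same table the create path is written "/{type}/{id} /create" with a stray space, and "(TYPE)_(ID)_(MANAGER)" does not match the "(TYPE)_(ID)_MANAGER" format given under Admin Controller. "Desciption" is misspelled in all three create rows, "the his active sessions" in the Role Management paragraph needs fixing, and the Super Admin row has no header or separator row, so it will not render as a table. Because these endpoints accept an email param to act on another user and a force flag that creates and assigns Authorities, the documentation should also state which Authority the caller must hold for each controller; the visible text only gives the prerequisite for the target user under Admin Controller.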