Auth Registrar: Access

From OSF Wiki
Jump to: navigation, search
Auth Registrar: Access endpoint version:
1.1
2
3

The Auth Registrar: Access Web service is used to register access to a group of users, a specific dataset and all the registered Web services endpoints registered to the WSF (Web Services Framework) with given CRUD (Create, Read, Update and Delete) permissions in an OSF Web Services instance.

Developers communicate with the Auth Registrar: Access Web service using the HTTP POST method. You may request any of the available content types (*/*).

No content is returned by the Web service endpoint if the endpoint successfully executed the query. Only a "200 OK" message will be returned in the header.

Version

This documentation page is used for the version 3 of this endpoint. Check at the top of this page to see the documentation pages for the other versions of this endpoint.

Usage

This Web service is intended to be used by content management systems, developers or administrators to manage access to WSF (Web Service Framework) resources (users, datasets, Web services endpoints).

This web service endpoint is used to create what we refer to as an access permissions record. This record describe the CRUD permissions, for a group of users, to use a set of web service endpoints, to query a target dataset.

Read more about how the OSF Web Services access permissions works by reading this page...

Web Service Endpoint Information

This section describes all you permissions you need in the WSF (Web Service Framework) to send a query to this Web service endpoint, and it describes how to access it.

To access this Web service endpoint you need the proper CRUD (Create, Read, Update and Delete) permissions on a specific graph (dataset) of the WSF. Without the proper permissions on this graph you won't be able to send any queries to the endpoint.

Needed registered CRUD permission:
  • Create: True
  • Read: True
  • Update: False
  • Delete: False

As shown on the graph URI:

  • http://[...]/wsf/

Here is the information needed to communicate with this Web service's endpoint. Descriptions of the parameters are included below.

Note: if a parameter has a default value, the requester can omit it and the default value will be used. Also, some baseline Web services may not offer other values than the default.

HTTP Method:
  • POST

Possible "Accept:" HTTP header field value:

  • */*

URI:

  • http://[...]/ws/auth/registrar/access/?crud=&ws_uris=&dataset=&action=&target_access_uri=&group=&interface=&version=

URI dynamic parameters description:

Note: All parameters have to be URL-encoded

  • crud. A quadruple with a value "True" or "False" defined as <Create;Read;Update;Delete>. Each value is separated by the ";" character. an example of such a quadruple is: "crud=True;True;False;False", meaning: Create = True, Read = True, Update = False and Delete = False. This defines the permissions granted for the target IP, target Dataset and target Web Service Endpoints of this access permission record.
  • ws_uris. A list of ";" separated Web services URI accessible by this access permissions record
  • dataset. URI of the target dataset of this access permissions record
  • action. One of:
    • "create (default)": Create a new access permissions record
    • "delete_target": Delete target access permissions records for a specific IP address and a specific dataset. This deletes all the access permissions of a user for a target dataset.
    • "delete_specific": Delete a specific access permissions records
    • "delete_all": Delete all access permissions records for a target dataset
    • "update": Update an existing access permissions record
  • target_access_uri. Target URI of the access resource to update. Only used when param4 = update or when param4 = delete_specific
  • group. Target Group URI related to the acces record being created
  • interface. Source interface used for this web service query. The interface is a different way to process a query (different algorithms, different data management system, etc. The default interface is 'default'
  • version. (default: 3.0) Version of the interface to query

Query Answer from the Endpoint

If the query is successfully performed by the endpoint (i.e., the access resource has been properly created, updated or deleted), the endpoint will return the HTTP status message "200 OK" with an empty body. If an error occurred, one of the HTTP status messages with the description of the error message in the body of the HTTP query will be returned.

Available Sources Interfaces

A source interface is a way to process a web service query. Different sources interfaces can be implemented for the same OSF Web Service endpoint. Each interface will process the query differently, but all the queries to the web service endpoint will be the same, at the exception of the interface parameter. Each interface shares the same API (the one defined by the web service endpoint), but their processing may differ (like using different algorithms, using different data management systems, etc.)

This is a list of the core interfaces for this endpoint. Organizations that hosts a OSF Web Service network could create their own interface and make it available to the users. However such private source interface won't be part of this list, but should be publicized by the organization.


Source Interface Name Description
default Default source interface for this OSF Web Service endpoint. This interface implements the default behavior of this OSF Web Service endpoint.


HTTP Status Codes

Here are the possible HTTP status (error) codes returned by this Web service endpoint.

On error code and the specific error, a different message description can be issued (meaning a different error has been returned).


HTTP 200

Message Description
OK


HTTP 400

ID Level Name Description
WS-AUTH-REGISTRAR-ACCESS-200 Warning Action type undefined No type of 'action' has been defined for this query.
WS-AUTH-REGISTRAR-ACCESS-201 Warning No Group to register to No Group URI has been defined for this query.
WS-AUTH-REGISTRAR-ACCESS-202 Warning No crud access defined No crud access have been defined for this query.
WS-AUTH-REGISTRAR-ACCESS-203 Warning No web service URI(s) defined No web service URI(s) have been defined for this query.
WS-AUTH-REGISTRAR-ACCESS-204 Warning No dataset defined No dataset has been defined for this query.
WS-AUTH-REGISTRAR-ACCESS-205 Warning No target Access URI defined for update No target Access URI has been defined to be updated for this query.
WS-AUTH-REGISTRAR-ACCESS-207 Warning Unexisting group The group URI you provided is not existing in this OSF network instance
WS-AUTH-REGISTRAR-ACCESS-300 Fatal Can't create the access to this dataset An error occured when we tried to create the new access to this dataset
WS-AUTH-REGISTRAR-ACCESS-301 Fatal Can't update the access to this dataset An error occured when we tried to update the new access to this dataset
WS-AUTH-REGISTRAR-ACCESS-302 Fatal Can't delete the access to this dataset An error occured when we tried to delete the new access to this dataset
WS-AUTH-REGISTRAR-ACCESS-303 Fatal Can't delete all accesses to this dataset An error occured when we tried to delete all accesses to this dataset
WS-AUTH-REGISTRAR-ACCESS-304 Fatal Requested source interface not existing The source interface you requested is not existing for this web service endpoint.
WS-AUTH-REGISTRAR-ACCESS-305 Fatal Requested incompatible Source Interface version The version of the source interface you requested is not compatible with the version of the source interface currently hosted on the system. Please make sure that your tool get upgraded for using this current version of the endpoint.
WS-AUTH-REGISTRAR-ACCESS-306 Fatal Source Interface's version not compatible with the web service endpoint's The version of the source interface you requested is not compatible with the one of the web service endpoint. Please contact the system administrator such that he updates the source interface to make it compatible with the new endpoint version.
WS-AUTH-REGISTRAR-ACCESS-307 Fatal Can't delete access record Can't delete the specific access record specified in this query
WS-AUTH-REGISTRAR-ACCESS-308 Fatal Can't delete all accesses to this group An error occured when we tried to delete all accesses to this group
WS-AUTH-REGISTRAR-ACCESS-309 Warning Invalid group URI The URI of the group is not valid.
WS-AUTH-REGISTRAR-ACCESS-310 Warning Invalid dataset URI The URI of the dataset is not valid.
WS-AUTH-REGISTRAR-ACCESS-311 Warning Invalid target access URI The URI of the target access is not valid.

HTTP 403

ID Level Name Description
WS-AUTH-VALIDATION-100 Fatal Unauthorized Request Your request cannot be authorized for this web service call
WS-AUTH-VALIDATION-101 Fatal Unauthorized Request Your request cannot be authorized for this web service call
WS-AUTH-VALIDATION-102 Fatal Couldn't authorize request An internal error occured when we tried to authorize this request
WS-AUTH-VALIDATION-103 Fatal Unauthorized Request Your request cannot be authorized for this user: "---", on this dataset: "---", using this web service endpoint: "---"


HTTP 406

Message Description
Not Acceptable Unacceptable mime type requested


HTTP 500

Message Description
Internal Error