Skip to content

Commit

Permalink
Accesscontrol update api examples (grafana#37654)
Browse files Browse the repository at this point in the history 
* Fix status, add global flags

* Check examples are working, correct where they aren't
  • Loading branch information
Jeremy Price authored Aug 9, 2021
1 parent c5eea16 commit fe50031
Showing 1 changed file with 30 additions and 22 deletions.
52 changes: 30 additions & 22 deletions docs/sources/http_api/access_control.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,11 @@ Returns an indicator to check if fine-grained access control is enabled or not.
| -------------------- | ---------------------- |
| status:accesscontrol | services:accesscontrol |


#### Example request

```http
GET /api/access-control/check
GET /api/access-control/status
Accept: application/json
Content-Type: application/json
```
Expand Down Expand Up @@ -61,6 +62,7 @@ Content-Type: application/json; charset=UTF-8
`GET /api/access-control/roles`

Gets all existing roles. The response contains all global and organization local roles, for the organization which user is signed in.

Refer to the [Role scopes]({{< relref "../enterprise/access-control/roles.md#built-in-role-assignments" >}}) for more information.

#### Required permissions
Expand Down Expand Up @@ -254,6 +256,7 @@ Content-Type: application/json; charset=UTF-8

#### Status codes


| Code | Description |
| ---- | ---------------------------------------------------------------------------------- |
| 200 | Role is updated. |
Expand All @@ -276,6 +279,7 @@ For example, if a user does not have required permissions for creating users, th
| ----------- | -------------------- |
| roles:write | permissions:delegate |


#### Example request

```http
Expand All @@ -284,16 +288,17 @@ Accept: application/json
Content-Type: application/json
{
"version": 2,
"name": "custom:delete:create:roles",
"description": "My custom role which gives users permissions to delete and create roles",
"version": 3,
"name": "custom:delete:write:roles",
"description": "My custom role which gives users permissions to delete and write roles",
"global": true,
"permissions": [
{
"action": "roles:delete",
"scope": "permissions:delegate"
},
{
"action": "roles:create",
{
"action": "roles:write",
"scope": "permissions:delegate"
}
]
Expand Down Expand Up @@ -323,25 +328,27 @@ HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
{
"version": 3,
"name": "custom:delete:create:roles",
"description": "My custom role which gives users permissions to delete and create roles",
"permissions": [
"version":3,
"uid":"jZrmlLCGka",
"name":"custom:delete:write:roles",
"description":"My custom role which gives users permissions to delete and write roles",
"permissions":[
{
"action": "roles:delete",
"scope": "permissions:delegate",
"updated": "2021-05-13T23:19:46.546146+02:00",
"created": "2021-05-13T23:19:46.546146+02:00"
"action":"roles:delete",
"scope":"permissions:delegate",
"updated":"2021-08-06T18:27:40+02:00",
"created":"2021-08-06T18:27:40+02:00"
},
{
"action": "roles:create",
"scope": "permissions:delegate",
"updated": "2021-05-13T23:19:46.546146+02:00",
"created": "2021-05-13T23:19:46.546146+02:00"
{
"action":"roles:write",
"scope":"permissions:delegate",
"updated":"2021-08-06T18:27:41+02:00",
"created":"2021-08-06T18:27:41+02:00"
}
],
"updated": "2021-05-13T23:19:46.540987+02:00",
"created": "2021-05-13T23:19:46.540986+02:00"
"updated":"2021-08-06T18:27:41+02:00",
"created":"2021-08-06T18:27:40+02:00",
"global":true
}
```

Expand Down Expand Up @@ -370,10 +377,11 @@ For example, if a user does not have required permissions for creating users, th
| ------------ | -------------------- |
| roles:delete | permissions:delegate |


#### Example request

```http
DELETE /api/access-control/roles/jZrmlLCGka?force=true
DELETE /api/access-control/roles/jZrmlLCGka?force=true&global=true
Accept: application/json
```

Expand Down

0 comments on commit fe50031

Please sign in to comment.