Skip to content

Latest commit

 

History

History
459 lines (298 loc) · 13.8 KB

RoleManagementApi.md

File metadata and controls

459 lines (298 loc) · 13.8 KB

RoleManagement

All URIs are relative to https://cockroachlabs.cloud

Method HTTP request Description
AddUserToRole Post /api/v1/roles/{user_id}/{resource_type}/{resource_id}/{role_name} Add the user to the given role
GetAllRolesForUser Get /api/v1/roles/{user_id} Get all Role Grants for a user
GetPersonUsersByEmail Get /api/v1/users/persons-by-email Search person users by email address
ListRoleGrants Get /api/v1/roles List all RoleGrants
RemoveUserFromRole Delete /api/v1/roles/{user_id}/{resource_type}/{resource_id}/{role_name} Remove the user from the given role
SetRolesForUser Put /api/v1/roles/{user_id} Make a user's roles exactly those provided

AddUserToRole

GetAllRolesForUserResponse AddUserToRole(ctx, userId, resourceType, resourceId, roleName).Execute()

Add the user to the given role

Roles that will be added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    resourceType := "resourceType_example" // string | 
    resourceId := "resourceId_example" // string | 
    roleName := "roleName_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.AddUserToRole(context.Background(), userId, resourceType, resourceId, roleName).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.AddUserToRole``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `AddUserToRole`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.AddUserToRole`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string
resourceType string
resourceId string
roleName string

Other Parameters

Other parameters are passed through a pointer to a apiAddUserToRole struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

GetAllRolesForUser

GetAllRolesForUserResponse GetAllRolesForUser(ctx, userId).Execute()

Get all Role Grants for a user

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.GetAllRolesForUser(context.Background(), userId).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.GetAllRolesForUser``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `GetAllRolesForUser`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.GetAllRolesForUser`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string

Other Parameters

Other parameters are passed through a pointer to a apiGetAllRolesForUser struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

GetPersonUsersByEmail

GetPersonUsersByEmailResponse GetPersonUsersByEmail(ctx).Email(email).Execute()

Search person users by email address

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    email := "email_example" // string | an email address is required.

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.GetPersonUsersByEmail(context.Background()).Email(email).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.GetPersonUsersByEmail``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `GetPersonUsersByEmail`: GetPersonUsersByEmailResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.GetPersonUsersByEmail`: %v\n", resp)
}

Path Parameters

Other Parameters

Other parameters are passed through a pointer to a apiGetPersonUsersByEmail struct via the builder pattern

Name Type Description Notes
email string an email address is required.

Return type

GetPersonUsersByEmailResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

ListRoleGrants

ListRoleGrantsResponse ListRoleGrants(ctx).PaginationPage(paginationPage).PaginationLimit(paginationLimit).PaginationAsOfTime(paginationAsOfTime).PaginationSortOrder(paginationSortOrder).Execute()

List all RoleGrants

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    "time"
    openapiclient "./openapi"
)

func main() {
    paginationPage := "paginationPage_example" // string |  (optional)
    paginationLimit := int32(56) // int32 |  (optional)
    paginationAsOfTime := time.Now() // time.Time |  (optional)
    paginationSortOrder := "paginationSortOrder_example" // string |  - ASC: Sort in ascending order. This is the default unless otherwise specified.  - DESC: Sort in descending order. (optional)

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.ListRoleGrants(context.Background()).PaginationPage(paginationPage).PaginationLimit(paginationLimit).PaginationAsOfTime(paginationAsOfTime).PaginationSortOrder(paginationSortOrder).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.ListRoleGrants``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `ListRoleGrants`: ListRoleGrantsResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.ListRoleGrants`: %v\n", resp)
}

Path Parameters

Other Parameters

Other parameters are passed through a pointer to a apiListRoleGrants struct via the builder pattern

Name Type Description Notes
paginationPage string
paginationLimit int32
paginationAsOfTime time.Time
paginationSortOrder string - ASC: Sort in ascending order. This is the default unless otherwise specified. - DESC: Sort in descending order.

Return type

ListRoleGrantsResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

RemoveUserFromRole

GetAllRolesForUserResponse RemoveUserFromRole(ctx, userId, resourceType, resourceId, roleName).Execute()

Remove the user from the given role

Roles that will be removed as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    resourceType := "resourceType_example" // string | 
    resourceId := "resourceId_example" // string | 
    roleName := "roleName_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.RemoveUserFromRole(context.Background(), userId, resourceType, resourceId, roleName).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.RemoveUserFromRole``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `RemoveUserFromRole`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.RemoveUserFromRole`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string
resourceType string
resourceId string
roleName string

Other Parameters

Other parameters are passed through a pointer to a apiRemoveUserFromRole struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

SetRolesForUser

GetAllRolesForUserResponse SetRolesForUser(ctx, userId).CockroachCloudSetRolesForUserRequest(cockroachCloudSetRolesForUserRequest).Execute()

Make a user's roles exactly those provided

Roles that will be removed or added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    cockroachCloudSetRolesForUserRequest := *openapiclient.NewCockroachCloudSetRolesForUserRequest([]openapiclient.BuiltInRole{*openapiclient.NewBuiltInRole(openapiclient.OrganizationUserRole.Type("BILLING_COORDINATOR"), *openapiclient.NewResource(openapiclient.ResourceType.Type("ORGANIZATION")))}) // CockroachCloudSetRolesForUserRequest | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.SetRolesForUser(context.Background(), userId).CockroachCloudSetRolesForUserRequest(cockroachCloudSetRolesForUserRequest).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.SetRolesForUser``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `SetRolesForUser`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.SetRolesForUser`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string

Other Parameters

Other parameters are passed through a pointer to a apiSetRolesForUser struct via the builder pattern

Name Type Description Notes

cockroachCloudSetRolesForUserRequest | CockroachCloudSetRolesForUserRequest | |

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]