|
|
```
|
|
|
# Swagger 2.0 description of the Entitlements Service API.
# Nesting below is restored to the standard Swagger 2.0 object layout.
swagger: "2.0"
info:
  description: "Entitlement Service handles user management and permissions within the Data Ecosystem."
  title: "Entitlements Service"
  version: "1.0.0"
  contact:
    name: DELFI support
    email: DELFI-DevPortal-Help@slb.com
host: "api.evq.csp.slb.com"
basePath: "/de/entitlements/v1"
tags:
  - name: "Entitlements Groups Administration"
    description: "Group creation and Listing groups for a member."
  - name: "Entitlements Members Administration"
    description: "Adding members, Getting member details and Getting members within a group"
  # NOTE(review): no operation visible in this document carries this tag;
  # confirm whether the JWT validation endpoint is specified elsewhere.
  - name: "Entitlements Auth Administration"
    description: "Validates the JWT"
consumes:
  - "application/json"
produces:
  - "application/json"
# HTTPS is the only scheme declared, so this spec never offers the
# Authorization and appkey headers over plain HTTP.
schemes:
  - "https"
# A single requirement object naming two schemes: a request has to satisfy
# both `bearer` and `appkey`. Two separate list items would mean "either".
security:
  - bearer: []
    appkey: []
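# Operations of the Entitlements Service.
#
# Every operation repeats the document-level security requirement
# (bearer AND appkey) and takes the `slb-data-partition-id` header.
#
# NOTE(review): each description names a permission (and, for member
# operations, a group role) that the caller needs, yet 401 is the only
# authorization failure documented. Document the response an authenticated
# caller without that permission receives (conventionally 403) once it is
# confirmed against the service.
#
# NOTE(review): `default` has no meaning on a required parameter in
# Swagger 2.0, but documentation UIs and generated clients may still
# pre-fill it. The partition header selects the data partition a request
# acts on, so callers should set it explicitly instead of relying on
# "common".
paths:
  /groups:
    get:
      tags:
        - "Entitlements Groups Administration"
      description: "Lists all the groups that the user belongs to in the given data partition. This API requires caller to have the service.entitlements.user permission"
      operationId: "groups"
      produces:
        - "application/json"
      parameters:
        - name: "slb-data-partition-id"
          in: "header"
          description: "This value should be the desired data partition id."
          required: true
          type: "string"
          default: "common"
      responses:
        # Status codes are quoted so every parser reads them as string keys.
        "200":
          description: "List of groups"
          # The schema used to be `items: {$ref: "#/responses/GroupsListRes"}`:
          # `items` without `type: array`, pointing at a response object where
          # a schema is expected. GroupList is the schema that GroupsListRes
          # itself wraps, so it is referenced directly.
          schema:
            $ref: "#/definitions/GroupList"
        "401":
          description: "User is unauthorized."
          schema:
            $ref: "#/definitions/AppError"
      security:
        - bearer: []
          appkey: []
    post:
      tags:
        - "Entitlements Groups Administration"
      description: "Creates a new group with the original caller becoming the OWNER of the group being created. This API requires caller to have the service.entitlements.admin permission"
      operationId: "createGroup"
      produces:
        - "application/json"
      consumes:
        - "application/json"
      parameters:
        - name: "slb-data-partition-id"
          in: "header"
          description: "This value should be the desired data partition id."
          required: true
          type: "string"
          default: "common"
        - description: "Payload"
          name: "body"
          in: "body"
          required: true
          schema:
            $ref: "#/definitions/InsertGroupBodyReq"
      responses:
        "200":
          description: "Group details"
          schema:
            $ref: "#/definitions/GroupRes"
        "401":
          description: "User is unauthorized."
          schema:
            $ref: "#/definitions/AppError"
        "409":
          description: "Conflict. Failed to insert group. Entity already exists."
          schema:
            $ref: "#/definitions/AppError"
      security:
        - bearer: []
          appkey: []
  /groups/{group_email}/members:
    get:
      tags:
        - "Entitlements Members Administration"
      description: "This lists the direct members of a group. This API requires the service.entitlements.user permission and to be either a MEMBER/OWNER of the requested group"
      operationId: "listMembers"
      produces:
        - "application/json"
      parameters:
        - name: "slb-data-partition-id"
          in: "header"
          description: "This value should be the desired data partition id."
          required: true
          type: "string"
          default: "common"
        - name: "group_email"
          in: "path"
          description: "group email"
          required: true
          type: "string"
          default: "users.datalake.viewers@common.p4d.cloud.slb-ds.com"
        - name: "role"
          in: "query"
          description: "role"
          required: false
          type: "string"
          enum: [OWNER, MEMBER]
          default: "OWNER"
        # `cursor` and `limit` carry no `required` key, so both are optional.
        - name: "cursor"
          in: "query"
          description: "cursor"
          type: "string"
        # NOTE(review): no `minimum`/`maximum` is declared, so the spec places
        # no bound on page size; confirm the service enforces its own cap and
        # rejects zero or negative values.
        - name: "limit"
          in: "query"
          description: "limit"
          type: "integer"
          format: "int64"
      responses:
        "200":
          description: "List of members with in a group."
          schema:
            $ref: "#/definitions/MemberList"
        "401":
          description: "User is unauthorized."
          schema:
            $ref: "#/definitions/AppError"
      security:
        - bearer: []
          appkey: []
    post:
      tags:
        - "Entitlements Members Administration"
      description: "Adds a member to an existing group. This API requires the service.entitlements.user permission and to be an OWNER of the requested group."
      operationId: "createMembers"
      produces:
        - "application/json"
      parameters:
        - name: "slb-data-partition-id"
          in: "header"
          description: "This value should be the desired data partition id."
          required: true
          type: "string"
          default: "common"
        - name: "group_email"
          in: "path"
          description: "group email"
          required: true
          type: "string"
          default: "users.datalake.viewers@common.p4d.cloud.slb-ds.com"
        - name: "member"
          in: "body"
          description: "member"
          required: true
          schema:
            $ref: "#/definitions/InsertMemberBodyReq"
      responses:
        "200":
          description: "Add member into a group. It take effect immediately."
          schema:
            $ref: "#/definitions/MemberResBody"
        "401":
          description: "User is unauthorized."
          schema:
            $ref: "#/definitions/AppError"
      security:
        - bearer: []
          appkey: []
  /groups/{group_email}/members/{member_email}:
    delete:
      tags:
        - "Entitlements Members Administration"
      description: "Delete member from a group. This API requires the service.entitlements.user permission and be an OWNER in the group"
      operationId: "deleteMember"
      produces:
        - "application/json"
      parameters:
        - name: "slb-data-partition-id"
          in: "header"
          description: "This value should be the desired data partition id."
          required: true
          type: "string"
          default: "common"
        # NOTE(review): this default names a concrete-looking group on a
        # destructive operation; a UI that pre-fills it invites accidental
        # calls against that group. Consider a placeholder example instead.
        - name: "group_email"
          in: "path"
          description: "group email"
          required: true
          type: "string"
          default: "users.datalake.viewers@common.p4d.cloud.slb-ds.com"
        - name: "member_email"
          in: "path"
          description: "member email"
          required: true
          type: "string"
          default: "member@domain.com"
      responses:
        # No schema is declared for the success response.
        "200":
          description: "Delete member from a group. It take effect immediately."
        "401":
          description: "User is unauthorized."
          schema:
            $ref: "#/definitions/AppError"
      security:
        - bearer: []
          appkey: []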
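# Request and response schemas referenced from `paths` and `responses`.
definitions:
  # Error body returned with the documented failure responses.
  AppError:
    type: "object"
    properties:
      code:
        type: "integer"
        format: int32
      name:
        type: "string"
      message:
        type: "string"
    # Placed at object level because the text describes the error as a whole.
    description: "An error that occurs during normal application logic"
  # Body of the "add member" request.
  # NOTE(review): there is no `required` list, so schema validation accepts a
  # body without `email` or `role`; confirm the service rejects such bodies.
  InsertMemberBodyReq:
    description: "InsertMemberBodyReq is the message format of the member."
    type: "object"
    properties:
      email:
        type: "string"
        example: "member@domain.com"
      role:
        type: "string"
        enum: [OWNER, MEMBER]
        # NOTE(review): requests copied from this example grant OWNER, the
        # role the member operations require for adding and deleting
        # members; MEMBER may be the safer value to show.
        example: "OWNER"
    example:
      email: "member@domain.com"
      role: "OWNER"
  # Body of the "create group" request. It has no `required` list either.
  InsertGroupBodyReq:
    description: "InsertGroupBodyReq is the message format of the group"
    type: "object"
    properties:
      name:
        type: "string"
        example: "users.example.viewers"
      description:
        type: "string"
        example: "This is an user group for example viewers."
    example:
      name: "users.example.viewers"
      description: "This is an user group for example viewers."
  GroupRes:
    description: "GroupRes is the group details"
    type: "object"
    properties:
      name:
        type: "string"
      email:
        type: "string"
      description:
        type: "string"
    # The name and email examples used to end in a comma inside the quotes
    # (left over from a JSON sample); the commas are removed so the sample
    # values are usable as shown.
    example:
      name: "users.example.viewers"
      email: "users.datalake.viewers@common.p4d.cloud.slb-ds.com"
      description: "This is an user group for example viewers."
    x-go-package: "entitlements/group"
  GroupList:
    description: "GroupList contains a list of Groups"
    type: "object"
    properties:
      Groups:
        type: "array"
        items:
          $ref: "#/definitions/GroupRes"
    x-go-package: "entitlements/group"
  MemberResBody:
    description: "MemberResBody is the body of the MemberRes response."
    type: "object"
    properties:
      email:
        type: "string"
        description: "Email of the member."
      # Unlike InsertMemberBodyReq.role, no enum is declared on this field.
      role:
        type: "string"
        description: "Role of the member in the group."
    x-go-package: "entitlements/member"
  MemberList:
    description: "MemberList contains a list of members."
    type: "object"
    properties:
      members:
        type: "array"
        items:
          $ref: "#/definitions/MemberResBody"
    # NOTE(review): the other definitions use an "entitlements/..." package
    # path; confirm "member" is intended here.
    x-go-package: "member"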
# Reusable response objects. An operation uses one by putting
# `$ref: "#/responses/<Name>"` in place of an inline response; these are
# response objects, not schemas, so they are not valid `schema` targets.
responses:
  Empty:
    description: "This is an empty message used in a response."
  GroupsListRes:
    description: "GroupsListRes is the response containing the list of groups."
    schema:
      $ref: "#/definitions/GroupList"
  # UserListRes and MemberListRes both wrap the same MemberList schema.
  UserListRes:
    description: "UserListRes is the response containing the list of members."
    schema:
      $ref: "#/definitions/MemberList"
  MemberRes:
    description: "MemberRes is the response containing member information."
    schema:
      $ref: "#/definitions/MemberResBody"
  MemberListRes:
    description: "MemberListRes is the response containing the list of members."
    schema:
      $ref: "#/definitions/MemberList"
# Credential schemes named by the `security` requirements in this document.
securityDefinitions:
  # Swagger 2.0 has no dedicated bearer-token type (only basic, apiKey and
  # oauth2), so the token is declared as an apiKey in the Authorization header.
  # NOTE(review): presumably the header value is `Bearer <JWT>` (a tag in this
  # spec mentions JWT validation); confirm the expected prefix and state it in
  # a `description` here.
  bearer:
    type: "apiKey"
    name: "Authorization"
    in: "header"
  # Second header credential. The `security` entries list it in the same
  # requirement object as `bearer`, so a request needs both.
  appkey:
    type: "apiKey"
    name: "appkey"
    in: "header"