Create a New Authorization
Creates a new authorization.
Method
POST /authorization/create
Parameters
Request Body
A JSON object with the following properties:
Name | Value | Description |
---|---|---|
type | Integer | The type of the authorization. (0=global, 1=grant, 2=revoke). See the User Guide for more information about authorization types. |
permissions | String | An array of Strings holding the permissions provided by this authorization. |
userId | String | The id of the user this authorization has been created for. The value "*" represents a global authorization ranging over all users. |
groupId | String | The id of the group this authorization has been created for. |
resourceType | Integer | An integer representing the resource type. See the User Guide for a list of integer representations of resource types. |
resourceId | String | The resource Id. The value "*" represents an authorization ranging over all instances of a resource. |
Result
A JSON array with the following properties:
Name | Value | Description |
---|---|---|
id | String | The id of the authorization. |
type | Integer | The type of the authorization (0=global, 1=grant, 2=revoke). |
permissions | String | An array of Strings holding the permissions provided by this authorization. |
userId | String | The id of the user this authorization has been created for. The value "*" represents a global authorization ranging over all users. |
groupId | String | The id of the group this authorization has been created for. |
resourceType | Integer | An integer representing the resource type. See the User Guide for a list of integer representations of resource types. |
resourceId | String | The resource Id. The value "*" represents an authorization ranging over all instances of a resource. |
links | Object | A JSON array containing links to interact with the resource. The links contain only operations that the currently authenticated user would be authorized to perform. |
removalTime | String |
The removal time indicates the date a historic instance authorization is cleaned up.
A removal time can only be assigned to a historic instance authorization.
Can be null when not related to a historic instance resource or when the removal time strategy is end and the root process instance is not finished.
Default format yyyy-MM-dd'T'HH:mm:ss.SSSZ .
|
rootProcessInstanceId | String |
The process instance id of the root process instance the historic instance authorization is related to.
Can be null if not related to a historic instance resource.
|
Response Codes
Code | Media type | Description |
---|---|---|
200 | application/json | Request successful. |
400 | application/json | Returned if some of the properties in the request body are invalid, for example if a permission parameter is not valid for the provided resourceType. See the Introduction for the error response format. |
403 | application/json | The authenticated user is unauthorized to create an instance of this resource. See the Introduction for the error response format. |
500 | application/json | The authorization could not be updated due to an internal server error. See the Introduction for the error response format. |
Example
Request
POST /authorization/create
Request Body:
{"type" : 0,
"permissions": ["CREATE", "READ"],
"userId": "*",
"groupId": null,
"resourceType": 1,
"resourceId": "*"}
Response
Status 200.
{"id":"anAuthorizationId",
"type": 0,
"permissions": ["CREATE", "READ"],
"userId": "*",
"groupId": null,
"resourceType": 1,
"resourceId": "*",
"removalTime": "2018-02-10T14:33:19.000+0200",
"rootProcessInstanceId": "f8259e5d-ab9d-11e8-8449-e4a7a094a9d6",
"links":[
{"method": "GET", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"self"},
{"method": "PUT", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"update"},
{"method": "DELETE", href":"http://localhost:8080/engine-rest/authorization/anAuthorizationId", "rel":"delete"}
]}