Skip to content

Latest commit

 

History

History
465 lines (301 loc) · 14.2 KB

RoleManagementApi.md

File metadata and controls

465 lines (301 loc) · 14.2 KB
Raw

RoleManagement

All URIs are relative to https://cockroachlabs.cloud

Method HTTP request Description
AddUserToRole Post /api/v1/roles/{user_id}/{resource_type}/{resource_id}/{role_name} Add a role to a user or service account
GetAllRolesForUser Get /api/v1/roles/{user_id} Get all Role Grants for a user
GetPersonUsersByEmail Get /api/v1/users/persons-by-email Search person users by email address
ListRoleGrants Get /api/v1/roles List all RoleGrants
RemoveUserFromRole Delete /api/v1/roles/{user_id}/{resource_type}/{resource_id}/{role_name} Remove a role from a user or service account
SetRolesForUser Put /api/v1/roles/{user_id} Replace the roles for a user or service account with exactly those provided

AddUserToRole

GetAllRolesForUserResponse AddUserToRole(ctx, userId, resourceType, resourceId, roleName).Execute()

Add a role to a user or service account

Add a single role to a user or service account by providing its user_id or service_account_id.

Roles that will be added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    resourceType := "resourceType_example" // string | 
    resourceId := "resourceId_example" // string | 
    roleName := "roleName_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.AddUserToRole(context.Background(), userId, resourceType, resourceId, roleName).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.AddUserToRole``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `AddUserToRole`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.AddUserToRole`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string
resourceType string
resourceId string
roleName string

Other Parameters

Other parameters are passed through a pointer to a apiAddUserToRole struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

GetAllRolesForUser

GetAllRolesForUserResponse GetAllRolesForUser(ctx, userId).Execute()

Get all Role Grants for a user

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.GetAllRolesForUser(context.Background(), userId).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.GetAllRolesForUser``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `GetAllRolesForUser`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.GetAllRolesForUser`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string

Other Parameters

Other parameters are passed through a pointer to a apiGetAllRolesForUser struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

GetPersonUsersByEmail

GetPersonUsersByEmailResponse GetPersonUsersByEmail(ctx).Email(email).Execute()

Search person users by email address

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    email := "email_example" // string | an email address is required.

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.GetPersonUsersByEmail(context.Background()).Email(email).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.GetPersonUsersByEmail``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `GetPersonUsersByEmail`: GetPersonUsersByEmailResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.GetPersonUsersByEmail`: %v\n", resp)
}

Path Parameters

Other Parameters

Other parameters are passed through a pointer to a apiGetPersonUsersByEmail struct via the builder pattern

Name Type Description Notes
email string an email address is required.

Return type

GetPersonUsersByEmailResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

ListRoleGrants

ListRoleGrantsResponse ListRoleGrants(ctx).PaginationPage(paginationPage).PaginationLimit(paginationLimit).PaginationAsOfTime(paginationAsOfTime).PaginationSortOrder(paginationSortOrder).Execute()

List all RoleGrants

Can be used by the following roles assigned at the organization scope:

  • ORG_ADMIN
  • CLUSTER_ADMIN

Example

package main

import (
    "context"
    "fmt"
    "os"
    "time"
    openapiclient "./openapi"
)

func main() {
    paginationPage := "paginationPage_example" // string |  (optional)
    paginationLimit := int32(56) // int32 |  (optional)
    paginationAsOfTime := time.Now() // time.Time |  (optional)
    paginationSortOrder := "paginationSortOrder_example" // string |  - ASC: Sort in ascending order. This is the default unless otherwise specified.  - DESC: Sort in descending order. (optional)

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.ListRoleGrants(context.Background()).PaginationPage(paginationPage).PaginationLimit(paginationLimit).PaginationAsOfTime(paginationAsOfTime).PaginationSortOrder(paginationSortOrder).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.ListRoleGrants``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `ListRoleGrants`: ListRoleGrantsResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.ListRoleGrants`: %v\n", resp)
}

Path Parameters

Other Parameters

Other parameters are passed through a pointer to a apiListRoleGrants struct via the builder pattern

Name Type Description Notes
paginationPage string
paginationLimit int32
paginationAsOfTime time.Time
paginationSortOrder string - ASC: Sort in ascending order. This is the default unless otherwise specified. - DESC: Sort in descending order.

Return type

ListRoleGrantsResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

RemoveUserFromRole

GetAllRolesForUserResponse RemoveUserFromRole(ctx, userId, resourceType, resourceId, roleName).Execute()

Remove a role from a user or service account

Remove a single role from a user or service account by providing its user_id or service_account_id.

Roles that will be removed as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    resourceType := "resourceType_example" // string | 
    resourceId := "resourceId_example" // string | 
    roleName := "roleName_example" // string | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.RemoveUserFromRole(context.Background(), userId, resourceType, resourceId, roleName).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.RemoveUserFromRole``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `RemoveUserFromRole`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.RemoveUserFromRole`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string
resourceType string
resourceId string
roleName string

Other Parameters

Other parameters are passed through a pointer to a apiRemoveUserFromRole struct via the builder pattern

Name Type Description Notes

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: Not defined
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]

SetRolesForUser

GetAllRolesForUserResponse SetRolesForUser(ctx, userId).CockroachCloudSetRolesForUserRequest(cockroachCloudSetRolesForUserRequest).Execute()

Replace the roles for a user or service account with exactly those provided

Replace the entire role set for a user or service account by providing its user_id or service_account_id.

Roles that will be removed or added as a result of this call must follow the CC rules for role assignment: https://www.cockroachlabs.com/docs/cockroachcloud/authorization#which-roles-grant-the-ability-to-add-remove-and-manage-members-in-in-a-cockroachdb-cloud-organization

Example

package main

import (
    "context"
    "fmt"
    "os"
    openapiclient "./openapi"
)

func main() {
    userId := "userId_example" // string | 
    cockroachCloudSetRolesForUserRequest := *openapiclient.NewCockroachCloudSetRolesForUserRequest([]openapiclient.BuiltInRole{*openapiclient.NewBuiltInRole(openapiclient.OrganizationUserRole.Type("BILLING_COORDINATOR"), *openapiclient.NewResource(openapiclient.ResourceType.Type("ORGANIZATION")))}) // CockroachCloudSetRolesForUserRequest | 

    configuration := openapiclient.NewConfiguration()
    api_client := openapiclient.NewClient(configuration)
    resp, r, err := api_client.RoleManagementApi.SetRolesForUser(context.Background(), userId).CockroachCloudSetRolesForUserRequest(cockroachCloudSetRolesForUserRequest).Execute()
    if err != nil {
        fmt.Fprintf(os.Stderr, "Error when calling `RoleManagementApi.SetRolesForUser``: %v\n", err)
        fmt.Fprintf(os.Stderr, "Full HTTP response: %v\n", r)
    }
    // response from `SetRolesForUser`: GetAllRolesForUserResponse
    fmt.Fprintf(os.Stdout, "Response from `RoleManagementApi.SetRolesForUser`: %v\n", resp)
}

Path Parameters

Name Type Description Notes
ctx context.Context context for authentication, logging, cancellation, deadlines, tracing, etc.
userId string

Other Parameters

Other parameters are passed through a pointer to a apiSetRolesForUser struct via the builder pattern

Name Type Description Notes

cockroachCloudSetRolesForUserRequest | CockroachCloudSetRolesForUserRequest | |

Return type

GetAllRolesForUserResponse

Authorization

Bearer

HTTP request headers

  • Content-Type: application/json
  • Accept: application/json

[Back to top] [Back to API list] [Back to README]