1. Overview
Microservice containing the business logic for managing security-service.
1.2. Tags
- assignment-controller : Assignment Controller
- permission-check-controller : Permission Check Controller
- permission-controller : Permission Controller
- permission-group-controller : Permission Group Controller
- permission-inclusions-controller : Permission Inclusions Controller
- permissions-group-mapping-controller : Permissions Group Mapping Controller
- privilege-set-controller : Privilege Set Controller
- role-controller : Role Controller
- user-controller : User Controller
2. Resources
2.1. Assignment-controller
Assignment Controller
2.1.1. Create assignment
POST /assignments
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Internal Server error | |
503 | Service Unavailable | |
2.1.2. Get Assignments
GET /assignments
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | page | Results page you want to retrieve (0..N) | integer (int32) |
Query | size | Number of records per page. | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.1.3. Get assignments of a group
GET /assignments/group/assignments
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < GroupMappingAssignmentResponse > array |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.1.4. Get user groups and permission level resources
GET /assignments/resources
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | object |
401 | Unauthorized | |
403 | Forbidden | |
404 | Not Found | |
503 | Service Unavailable | |
2.1.5. Get assignment By Id
GET /assignments/{id}
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.1.6. Update assignment
PUT /assignments/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | id | id | integer (int32) |
Body | assignment | assignment | |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.2. Permission-check-controller
Permission Check Controller
2.2.1. Check resource level and user groups permission
GET /checkPermission
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | permissionName | Permission scope Name | string |
Query | resourceId | Resource Id (Unit or Line or Department or Site) | integer (int32) |
Query | resourceType | Type of the resource (Unit or Line or Department or Site) | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | object |
401 | Unauthorized | |
403 | Forbidden | |
404 | Not Found | |
503 | Service Unavailable | |
2.3. Permission-controller
Permission Controller
2.3.1. Create permission
POST /permissions
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Internal Server | |
503 | Service Unavailable | |
2.3.2. Get permissions
GET /permissions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | appPermissions | include / exclude app permission. | boolean |
Query | page | Results page you want to retrieve (0..N) | integer (int32) |
Query | size | Number of records per page. | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.3.3. Get permission by id
GET /permissions/{id}
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.3.4. Update permission
PUT /permissions/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | id | id | integer (int32) |
Body | permission | permission | |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.4. Permission-group-controller
Permission Group Controller
2.4.1. Create Permission Group (app group)
POST /permission-group
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | permissionGroupingRequest | permissionGroupingRequest | |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Internal Server | |
503 | Service Unavailable | |
2.4.2. Get permission groups
GET /permission-group
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < PermissionGroupingResponse > array |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.4.3. Get permission group by id
GET /permission-group/{id}
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.4.4. Update permission group(app grouping)
PUT /permission-group/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | id | id | integer (int32) |
Body | permissionGrouping | permissionGrouping | |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.5. Permission-inclusions-controller
Permission Inclusions Controller
2.5.1. Create inclusions- to map core scope permission to app scope permission
POST /permission-inclusions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Body | permissionInclusionRequest | permissionInclusionRequest | |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Internal Server | |
503 | Service Unavailable | |
2.5.2. Get permission Inclusion mappings
GET /permission-inclusions
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | appPermissionId | appPermissionId | integer (int32) |
Query | corePermissionId | corePermissionId | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < PermissionInclusionResponse > array |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.5.3. Remove permission Inclusion by appPermissionId and corePermissionId
DELETE /permission-inclusions/{appPermissionId}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | appPermissionId | appPermissionId | integer (int32) |
Query | corePermissionId | corePermissionId | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Service Unavailable | |
2.6. Permissions-group-mapping-controller
Permissions Group Mapping Controller
2.6.1. Create permission group mapping
POST /permission-group-mapping
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Internal Server | |
503 | Service Unavailable | |
2.6.2. Get app group permission mapping
GET /permission-group-mapping
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | appGroupId | Application Group Id | integer (int32) |
Query | permissionId | App permission Id | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < PermissionSearchResponse > array |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.6.3. Remove permission mapping by group id
DELETE /permission-group-mapping/groups/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | id | id | integer (int32) |
Query | permissionId | permissionId | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Service Unavailable | |
2.7. Privilege-set-controller
Privilege Set Controller
2.7.1. Get all privilege Sets details
GET /privilegeSets
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < PrivilegeSet > array |
401 | Unauthorized | |
403 | Forbidden | |
404 | Not Found | |
503 | Service Unavailable | |
2.8. Role-controller
Role Controller
2.8.1. Create role
POST /roles
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
503 | Service Unavailable | |
2.8.2. Get all roles
GET /roles
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | page | Results page you want to retrieve (0..N) | integer (int32) |
Query | size | Number of records per page. | integer (int32) |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
500 | Service Unavailable | |
2.8.3. Search all apps level permissions
GET /roles/apps
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | < AppLevelPermissionsResponse > array |
400 | Bad Request | |
401 | Unauthorized | |
503 | Service Unavailable | |
2.8.4. Get role by id
GET /roles/{id}
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Service Unavailable | |
2.8.5. Update role
PUT /roles/{id}
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Path | id | id | integer (int32) |
Body | roleUpdateRequest | roleUpdateRequest | |
Responses
HTTP Code | Description | Schema |
---|---|---|
201 | Created | |
400 | Bad Request | |
401 | Unauthorized | |
404 | Not Found | |
500 | Service Unavailable | |
2.9. User-controller
User Controller
2.9.1. Get all PA Users details
GET /users
Parameters
Type | Name | Description | Schema |
---|---|---|---|
Query | isActive | isActive | boolean |
Query | page | Results page you want to retrieve (0..N) | integer (int32) |
Query | size | Number of records per page. | integer (int32) |
Query | username | username | string |
Responses
HTTP Code | Description | Schema |
---|---|---|
200 | OK | |
401 | Unauthorized | |
403 | Forbidden | |
404 | Not Found | |
503 | Service Unavailable | |
3. Definitions
3.1. AppLevelPermissionsResponse
Name | Description | Schema |
---|---|---|
description | Application description | string |
id | Application id | integer (int32) |
name | Application name | string |
permissionsDetailResponseList | Permissions list with all information | < PermissionDetailResponse > array |
3.2. AssignmentResponse
Name | Description | Schema |
---|---|---|
createdBy | | string |
createdDate | | string (date-time) |
departmentIds | department ids | < integer (int32) > array |
description | Description | string |
groupIds | Group ids | < string > array |
id | Id | integer (int32) |
lineIds | line ids | < integer (int32) > array |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Name | string |
productFamilyIds | product family ids | < integer (int32) > array |
productIds | product ids | < integer (int32) > array |
roleIds | role Ids | < integer (int32) > array |
siteIds | site ids | < integer (int32) > array |
unitIds | unit ids | < integer (int32) > array |
3.3. AssignmentsRequest
Name | Description | Schema |
---|---|---|
departmentIds | Resource department ids | < integer (int32) > array |
description | Assignment description | string |
groupIds | Group Ids | < string > array |
lineIds | Resource line ids | < integer (int32) > array |
name | Assignment name | string |
productFamilyIds | Resource family ids | < integer (int32) > array |
productIds | Resource product ids | < integer (int32) > array |
roleIds | Role Ids | < integer (int32) > array |
siteIds | Resource site ids | < integer (int32) > array |
unitIds | Resource unit ids | < integer (int32) > array |
3.4. AssignmentsSearchResponseResult
Name | Description | Schema |
---|---|---|
createdBy | | string |
createdDate | Assignment creation date | string (date-time) |
description | AssignmentDescription | string |
id | Assignment id | integer (int32) |
links | | < Link > array |
modifiedBy | | string |
modifiedDate | Assignment modification date | string (date-time) |
name | Assignment name | string |
3.5. AssignmentsSearchResponseResults
Name | Schema |
---|---|
content | < AssignmentsSearchResponseResult > array |
links | < Link > array |
page | |
3.6. CommonResponse
Name | Description | Schema |
---|---|---|
code | Response code | integer (int32) |
message | Common response message | string |
3.8. GroupInfo
Name | Description | Schema |
---|---|---|
id | Group id | integer (int32) |
name | Group name | string |
3.9. GroupMappingAssignmentResponse
Name | Description | Schema |
---|---|---|
assignmentDescription | Assignment Description | string |
assignmentId | assignmentId | integer (int32) |
assignmentName | Assignment name | string |
departmentIds | Department Id | < integer (int32) > array |
depts | Dept Id | < string > array |
groupIds | Group Name | < string > array |
lineIds | Line Id | < integer (int32) > array |
lines | Line Id | < string > array |
roleIds | Role Ids | < integer (int32) > array |
roleNames | Role Name | < string > array |
siteId | Site Id | integer (int32) |
siteNames | Site Name | string |
unitIds | Unit Id | < integer (int32) > array |
units | Site Id | < string > array |
3.12. PageMetadata
Name | Schema |
---|---|
number | integer (int64) |
size | integer (int64) |
totalElements | integer (int64) |
totalPages | integer (int64) |
3.13. PermissionDetailResponse
Name | Description | Schema |
---|---|---|
description | Permission description | string |
id | Permission Id | integer (int32) |
name | Permission name | string |
scope | Permission alias name | string |
3.14. PermissionGroupDetails
Name | Description | Schema |
---|---|---|
applications | Application ids | < integer (int32) > array |
permissionId | Permission Id | integer (int32) |
3.15. PermissionGroupingRequest
Name | Description | Schema |
---|---|---|
description | Permission description | string |
name | Permission name | string |
3.16. PermissionGroupingResponse
Name | Description | Schema |
---|---|---|
createdBy | | string |
createdDate | Permission grouping Created Date | string (date-time) |
description | Permission grouping description | string |
id | Permission grouping id | integer (int32) |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Permission grouping name | string |
3.17. PermissionInclusionRequest
Name | Description | Schema |
---|---|---|
appPermissionId | App Permission Id | integer (int32) |
corePermissionId | Core Permission Id | integer (int32) |
3.18. PermissionInclusionResponse
Name | Description | Schema |
---|---|---|
appPermissionId | App Permission id | integer (int32) |
permissionId | Core Permission Id | integer (int32) |
3.19. PermissionRequest
Name | Description | Schema |
---|---|---|
description | Permission description | string |
isAppPermission | Permission type app or core | boolean |
name | Permission name | string |
scope | Unique name for permission as scope | string |
3.20. PermissionSearchResponse
Name | Description | Schema |
---|---|---|
appPermission | | boolean |
applications | Group ids | < GroupInfo > array |
createdBy | | string |
createdDate | Role Created Date | string (date-time) |
description | Description | string |
id | Id | integer (int32) |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Name | string |
scope | scope | string |
3.21. PermissionSearchResponseResult
Name | Description | Schema |
---|---|---|
appPermission | | boolean |
applications | Group ids | < GroupInfo > array |
createdBy | | string |
createdDate | Role Created Date | string (date-time) |
description | Description | string |
id | Id | integer (int32) |
links | | < Link > array |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Name | string |
scope | scope | string |
3.22. PermissionSearchResponseResults
Name | Schema |
---|---|
content | < PermissionSearchResponseResult > array |
links | < Link > array |
page | |
3.23. PrivilegeName
Name | Description | Schema |
---|---|---|
id | Privilege Id | integer (int32) |
name | Privilege Name | string |
3.24. PrivilegeSet
Name | Schema |
---|---|
category | string |
description | string |
displayName | string |
icon | string |
id | integer (int32) |
scope | string |
3.25. RoleRequest
Name | Description | Schema |
---|---|---|
description | description | string |
name | name | string |
permissionIds | permission ids | < integer (int32) > array |
3.26. RoleResponse
Name | Description | Schema |
---|---|---|
createdBy | | string |
createdDate | Role Created Date | string (date-time) |
description | Role Description | string |
id | Role Id | integer (int32) |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Role Name | string |
permissions | Collection of permissions | < PermissionDetailResponse > array |
3.27. RoleSearchResponseResult
Name | Description | Schema |
---|---|---|
createdBy | | string |
createdDate | Role Created Date | string (date-time) |
description | Role Description | string |
id | Role Id | integer (int32) |
links | | < Link > array |
modifiedBy | | string |
modifiedDate | | string (date-time) |
name | Role Name | string |
3.28. RoleSearchResponseResults
Name | Schema |
---|---|
content | < RoleSearchResponseResult > array |
links | < Link > array |
page | |
3.29. UserInfo
Name | Description | Schema |
---|---|---|
active | Active | boolean |
description | User Description | string |
id | User Id | integer (int32) |
isRole | Role | boolean |
username | User Name | string |
3.30. UserInfoResult
Name | Description | Schema |
---|---|---|
active | Active | boolean |
description | User Description | string |
id | User Id | integer (int32) |
isRole | Role | boolean |
links | | < Link > array |
username | User Name | string |
3.31. UserInfoResults
Name | Schema |
---|---|
content | < UserInfoResult > array |
links | < Link > array |
page | |
4. Security
4.1. access_token
Type : oauth2
Flow : accessCode
Authorization URL : https://10.181.213.187:8443/uaa/oauth/authorize
Token URL : https://10.181.213.187:8443/uaa/oauth/token
Name | Description |
---|---|
default | Default oauth2 scope. |
4.2. resource_owner
Type : oauth2
Flow : password
Token URL : https://10.181.213.187:8443/uaa/oauth/token
Name | Description |
---|---|
default | Default oauth2 scope. |
4.3. implicit_grant
Type : oauth2
Flow : implicit
Authorization URL : https://10.181.213.187:8443/uaa/oauth/authorize
Name | Description |
---|---|
default | Default oauth2 scope. |
4.4. client_creds
Type : oauth2
Flow : application
Token URL : https://10.181.213.187:8443/uaa/oauth/token
Name | Description |
---|---|
default | Default oauth2 scope. |