SpaceBlocks.Permissions.WebServices.Main.Api Management (v1)

Download OpenAPI specification:Download

This is the management API.

MemberGroup

Create a new member-group

Authorizations:

Bearer

path Parameters

tenantId

required

string

The ID of the tenant where the member group belongs to

Request Body schema:
text/plain

The create member-group request

id	string
name	string
subjectIds	Array of strings unique

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

201
401

Content type

text/plain

No sample

Get a member-group by id

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant where the member-group belongs to
id required	string The ID of the member-group

Responses

Response samples

200
401
404

Content type

text/plain

No sample

Permission

Check if the subject has the requested sub-level permissions on the requested resource.

Authorizations:

Bearer

query Parameters

tenantId	string The ID of the tenant
resourceTypeId	string The resource type ID
resourceId	string The ID of the resource to check permissions on
subjectId	string The ID of the subject to check permissions for
permissionScope	string The ID of the resource type on which the permission to check is defined
permission	Array of strings unique The permission slug to check (can occur multiple times)

Responses

Response samples

200
401

Content type

text/plain

No sample

Get the permissions of the subject on the requested resource.

Authorizations:

Bearer

query Parameters

tenantId	string The ID of the tenant
resourceTypeId	string The resource type ID
resourceId	string The ID of the resource to check permissions on
subjectId	string The ID of the subject to check permissions for

Responses

Response samples

200
401

Content type

text/plain

No sample

Resource

Get a resource by id

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant whom the resource belongs
resourceTypeId required	string The key of the permission level
id required	string The ID of the resource

Responses

Response samples

200
401
404

Content type

text/plain

No sample

Update a resource

This triggers a recalculation of the permission tree.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant where the resource belongs to
resourceTypeId required	string The key to the corresponding permission-level of the resource
id required	string The ID of the resource

Request Body schema:
text/plain

The UpdateResourceRequest DTO

	object (UpdateResourceParent)
isInheritanceDisabled	boolean

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

400
401

Content type

text/plain

No sample

Delete a resource.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant where the resource belongs to
resourceTypeId required	string The key to the corresponding permission-level of the resource
id required	string The ID of the deleted resource

Responses

Response samples

400
401

Content type

text/plain

No sample

Create a new resource.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant whom the resource belongs
resourceTypeId required	string The key of the permission level

Request Body schema:
text/plain

The create resource request

id	string
	object (CreateResourceParent)
	object (ResourceMembers)
isInheritanceDisabled	boolean

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

201
400
401

Content type

text/plain

No sample

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant
resourceTypeId required	string The key to the corresponding permission-level of the resource

query Parameters

subjectId	string The ID of the subject
permissionScope	string The slug of the resource type on which the permission to check is defined
permission	Array of strings unique The permission slug to check (can occur multiple times)

Responses

Response samples

200
401

Content type

text/plain

No sample

Patch resource members

Upsert all members of an existing resource on a specific role in a PATCH bulk operation. An existing member gets their role updated; a new member gets the role assigned on the resource. This triggers a recalculation of the permission tree.

Authorizations:

Bearer

path Parameters

tenantId required	string The tenantId
resourceTypeId required	string The resourceTypeId
id required	string The resourceId

Request Body schema:
text/plain

the UpsertMemberRequest object

	object or null
	object or null

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

200
401
404

Content type

text/plain

No sample

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant
resourceTypeId required	string The key to the corresponding permission-level of the resource

query Parameters

subjectId	string The ID of the subject
permissionScope	string The slug of the resource type on which the permission to check is defined
permission	Array of strings unique The permission slug to check (can occur multiple times)

Responses

Response samples

200
401

Content type

text/plain

No sample

GetResourcePermissions

Authorizations:

Bearer

path Parameters

tenantId required	string
resourceTypeId required	string
id required	string

Responses

Response samples

200
401

Content type

text/plain

No sample

Role

Create a new role for a specific tenant

Authorizations:

Bearer

path Parameters

tenantId

required

string

The ID of the tenant where the role should be created in.

Request Body schema:
text/plain

The create role request

id	string or null
name	string
description	string
	object

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

201
400
401

Content type

text/plain

No sample

Get all roles of a tenant

Authorizations:

Bearer

path Parameters

tenantId

required

string

the ID of the tenant

Responses

Response samples

200
401

Content type

text/plain

No sample

Get a role by id

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant where the role belongs to
id required	string The ID of the role

Responses

Response samples

200
401
404

Content type

text/plain

No sample

Update a role

This triggers a recalculation of the permission tree.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant that the role belongs to
id required	string The ID of the role to update

Request Body schema:
text/plain

The updateRoleRequest DTO

	object or null
name	string or null
description	string or null

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

200
401
404

Content type

text/plain

No sample

Delete a role

This triggers a recalculation of the permission tree.

Authorizations:

Bearer

path Parameters

tenantId required	string The ID of the tenant that the role belongs to
id required	string The ID of the role to delete

Responses

Response samples

401

Content type

text/plain

No sample

Tenant

Create a new tenant

This triggers a recalculation of the permission tree.

Authorizations:

Bearer

Request Body schema:
text/plain

id	string
name	string
	object (ResourceMembers)

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

201
401

Content type

text/plain

No sample

Returns all tenants in the database. If subjectId is provided, only tenants that the subject has access to will be returned.

Authorizations:

Bearer

query Parameters

subjectId	string The ID of the subject to check for access to the tenants (optional)
permissionScope	string The slug of the resource type on which the permission to check is defined (only required, if subjectId is passed)
permission	Array of strings unique The permission slug to check (optional; can occur multiple times - empty means no permissions are required)

Responses

Response samples

200
401

Content type

text/plain

No sample

GetTenant

Authorizations:

Bearer

path Parameters

id

required

string

Responses

Response samples

200
401

Content type

text/plain

No sample

UpdateTenant

Authorizations:

Bearer

path Parameters

id

required

string

Request Body schema:
text/plain

name

string

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

200
401

Content type

text/plain

No sample

Delete a tenant from the database

Authorizations:

Bearer

path Parameters

id

required

string

The ID of the tenant to delete

Responses

Response samples

401

Content type

text/plain

No sample

Patch Tenant Members

This triggers a recalculation of the permission tree.

Authorizations:

Bearer

path Parameters

id

required

string

Request Body schema:
text/plain

	object or null
	object or null

Responses

Request samples

Payload

Content type

text/plain

No sample

Response samples

200
401

Content type

text/plain

No sample

Check if the subject has the requested sub-level permissions on the requested resource.

Authorizations:

Bearer

path Parameters

id

required

string

The ID of the tenant

query Parameters

subjectId	string The ID of the subject to check permissions for
permissionScope	string The slug of the resource type on which the permission to check is defined
permission	Array of strings unique The permission slug to check (can occur multiple times)

Responses

Response samples

200
401

Content type

text/plain

No sample

Get the permissions of the subject on the requested resource.

Authorizations:

Bearer

path Parameters

id

required

string

The ID of the tenant

query Parameters

subjectId

string

The ID of the subject to check permissions for

Responses

Response samples

200
401

Content type

text/plain

No sample

Get all tenant ids where the subject has the requested permissions.

Authorizations:

Bearer

query Parameters

subjectId	string The ID of the subject
permissionScope	string The slug of the resource type on which the permission to check is defined
permission	Array of strings unique The permission slug to check (can occur multiple times)

Responses

Response samples

200
401

Content type

text/plain

No sample

GetTenantPermissions

Authorizations:

Bearer

path Parameters

id

required

string

Responses

Response samples

200
401

Content type

text/plain

No sample

SpaceBlocks.Permissions.WebServices.Main.Api Management (v1)

MemberGroup

Create a new member-group

Authorizations:

path Parameters

Request Body schema: text/plainapplication/octet-streamapplication/jsontext/jsonapplication/*+jsontext/plain

Responses

Request samples

Response samples

Get a member-group by id

Authorizations:

path Parameters

Responses

Response samples

Permission

Check if the subject has the requested sub-level permissions on the requested resource.

Authorizations:

query Parameters

Responses

Response samples

Get the permissions of the subject on the requested resource.

Authorizations:

query Parameters

Responses

Response samples

Resource

Get a resource by id

Authorizations:

path Parameters

Responses

Response samples

Update a resource

Authorizations:

path Parameters

Request Body schema: text/plainapplication/octet-streamapplication/jsontext/jsonapplication/*+jsontext/plain

Responses

Request samples

Response samples

Delete a resource.

Authorizations:

path Parameters

Responses

Response samples

Create a new resource.

Authorizations:

path Parameters

Request Body schema: text/plainapplication/octet-streamapplication/jsontext/jsonapplication/*+jsontext/plain

Responses

Request samples

Response samples

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:

path Parameters

query Parameters

Responses

Response samples

Patch resource members

Authorizations:

path Parameters

Request Body schema: text/plainapplication/octet-streamapplication/jsontext/jsonapplication/*+jsontext/plain

Responses

Request samples

Response samples

Get all resources within the given tenantId where the subject has the requested permissions.

Authorizations:

path Parameters

query Parameters

Responses

Response samples

GetResourcePermissions

Authorizations:

path Parameters

Responses

Response samples

Role

Create a new role for a specific tenant

Authorizations:

path Parameters

Request Body schema: text/plainapplication/octet-streamapplication/jsontext/jsonapplication/*+jsontext/plain

Responses

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain

Request Body schema:
text/plain