MXS-2824: Document basic user privileges

The documentation was not clear on what the difference between admin and basic accounts is.
2020-01-07 09:57:15 +02:00 · 2020-01-07 09:57:15 +02:00 · edb49d6f35
commit edb49d6f35
parent 6306519e5e
2 changed files with 6 additions and 1 deletions
--- a/Documentation/REST-API/Resources-User.md
+++ b/Documentation/REST-API/Resources-User.md
@ -195,6 +195,10 @@ following fields.
 * `data.attributes.account`
  * Set to `admin` for administrative users and `basic` to read-only users

+Only admin accounts can perform POST, PUT, DELETE and PATCH requests. If a basic
+account performs one of the aforementioned request, the REST API will respond
+with a `401 Unauthorized` error.
+
 Here is an example request body defining the network user _my-user_ with the
 password _my-password_ that is allowed to execute only read-only operations.

--- a/maxctrl/lib/create.js
+++ b/maxctrl/lib/create.js
@ -319,7 +319,8 @@ exports.builder = function(yargs) {
            return yargs.epilog('The created user can be used with the MaxScale REST API as ' +
                                'well as the MaxAdmin network interface. By default the created ' +
                                'user will have read-only privileges. To make the user an ' +
-                                'administrative user, use the `--type=admin` option.')
+                                'administrative user, use the `--type=admin` option. ' +
+                                'Basic users can only perform `list` and `show` commands.')
                .usage('Usage: create user <name> <password>')
        }, function(argv) {