hcq/MaxScale
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c49a28ef12d7550e3103885a9f1ba95d008efca8
MaxScale/Documentation/REST-API/Resources-User.md
Markus Mäkelä b555115fa2 Merge branch '2.3' into 2.4
2020-01-07 11:12:02 +02:00

5.4 KiB
Raw Blame History

Admin User Resource

Admin users represent administrative users that are able to query and change MaxScale's configuration.

Resource Operations

Get network user

GET /v1/users/inet/:name

Get a single network user. The The :name in the URI must be a valid network user name.

Response

Status: 200 OK

{
    "links": {
        "self": "http://localhost:8989/v1/users/inet/my-user"
    },
    "data": {
        "id": "my-user",
        "type": "inet",
        "attributes": {
            "account": "admin"
        },
        "relationships": {
            "self": "http://localhost:8989/v1/users/inet/my-user"
        }
    }
}

Get all network users

GET /v1/users/inet

Get all network users.

Response

Status: 200 OK

{
    "links": {
        "self": "http://localhost:8989/v1/users/inet"
    },
    "data": [
        {
            "id": "my-user",
            "type": "inet",
            "attributes": {
                "account": "admin"
            },
            "relationships": {
                "self": "http://localhost:8989/v1/users/inet/my-user"
            }
        }
    ]
}

Get enabled UNIX account

GET /v1/users/unix/:name

Get a single enabled UNIX account. The The :name in the URI must be a valid UNIX account name that has been enabled.

Response

Status: 200 OK

{
    "links": {
        "self": "http://localhost:8989/v1/users/unix/maxscale"
    },
    "data": {
        "id": "maxscale",
        "type": "unix",
        "attributes": {
            "account": "basic"
        },
        "relationships": {
            "self": "http://localhost:8989/v1/users/unix/maxscale"
        }
    }
}

Get all enabled UNIX accounts

GET /v1/users/unix

Get all enabled UNIX accounts.

Response

Status: 200 OK

{
    "links": {
        "self": "http://localhost:8989/v1/users/unix"
    },
    "data": [
        {
            "id": "maxscale",
            "type": "unix",
            "attributes": {
                "account": "admin"
            },
            "relationships": {
                "self": "http://localhost:8989/v1/users/unix/maxscale"
            }
        }
    ]
}

Get all users

GET /v1/users

Get all administrative users. This fetches both network users and local UNIX accounts.

Response

Status: 200 OK

{
    "links": {
        "self": "http://localhost:8989/v1/users/"
    },
    "data": [ // List of all users
        {
            "id": "my-user",
            "type": "inet", // A network user
            "attributes": {
                "account": "admin"
            },
            "relationships": {
                "self": "http://localhost:8989/v1/users/inet/my-user"
            }
        },
        {
            "id": "maxscale",
            "type": "unix", // A local UNIX account
            "attributes": {
                "account": "admin"
            },
            "relationships": {
                "self": "http://localhost:8989/v1/users/unix/maxscale"
            }
        }
    ]
}

Create a network user

POST /v1/users/inet

Create a new network user. The request body must define at least the following fields.

  • data.id

    • The username

  • data.type

    • Type of the object, must be inet

  • data.attributes.password

    • The password for this user

  • data.attributes.account

    • Set to admin for administrative users and basic to read-only users

Only admin accounts can perform POST, PUT, DELETE and PATCH requests. If a basic account performs one of the aforementioned request, the REST API will respond with a 401 Unauthorized error.

Here is an example request body defining the network user my-user with the password my-password that is allowed to execute only read-only operations.

{
    "data": {
        "id": "my-user",
        "type": "inet",
        "attributes": {
            "password": "my-password",
            "account": "basic"
        }
    }
}

Response

Status: 204 No Content

Enable a UNIX account

POST /v1/users/unix

This enables an existing UNIX account on the system for administrative operations. The request body must define at least the following fields.

  • data.id

    • The username

  • data.type

    • Type of the object, must be unix

  • data.attributes.account

    • Set to admin for administrative users and basic to read-only users

Here is an example request body enabling the UNIX account jdoe for read-only operations.

{
    "data": {
        "id": "jdoe",
        "type": "unix"
        "attributes": {
            "account": "basic"
        }
    }
}

Response

Status: 204 No Content

Delete a network user

DELETE /v1/users/inet/:name

The :name part of the URI must be a valid user name.

Response

Status: 204 No Content

Disable a UNIX account

DELETE /v1/users/unix/:name

The :name part of the URI must be a valid user name.

Response

Status: 204 No Content

Update a network user

PATCH /v1/users/inet/:name

Update network user. Currently, only the password can be updated. This means that the request body must define the data.attributes.password field.

Here is an example request body that updates the password.

{
    "data": {
        "attributes": {
            "password": "new-password"
        }
    }
}

Response

Status: 204 No Content