Please note: It is highly recommended that ACLs are managed via the ceo command line utility.

GET /v3/acl

List group names for access control lists.

Acl Action: ACL list

Arguments:

  • page - integer: Page number for paginated results.
  • per_page - int: Per page offset for pagination.
  • order - string: Valid property to order by. Will default to name.
  • dir - string: Either asc or desc.

Example Response:

[
    {
        "name": "Administrator",
        "description": "Super-admin"
    },
    {
        "name": "Guest",
        "description": null
    }
]

GET /v3/acl/{acl-name}

List access controls for given control list.

Acl Action: ACL get

Example Response:

[
    {
        "name": "Administrator",
        "description": "Super-admin",
        "accesses": {
            "Assignment": [
                {
                    "action": "*",
                    "allowed": "1"
                },
                {
                    "action": "create",
                    "allowed": "1"
                },
                ...
            ],
            ...
        }
    }
]

GET /v3/acl/resources

List all defined resources.

Acl Action: ACL listResources

Example Response:

{
    "Assignment": [
        "*",
        "create",
        ...
    ],
    ...
}

POST /v3/acl

Create new ACL.

Acl Action: ACL create

Example Request:

[
    {
        "name": "MySuperGroup",
        "description": "My super awesome group",
        "accesses": {
            "Assignment": [
                {
                    "action": "*",
                    "allowed": "1"
                },
                {
                    "action": "create",
                    "allowed": "1"
                },
                ...
            ],
            ...
        }
    }
]

PUT /v3/acl/{acl-name}

Update existing ACL. Note that the Administrator group cannot be modified.

Acl Action: ACL update

Example Request:

[
    {
        "name": "MySuperGroup",
        "description": "My super awesome group",
        "accesses": {
            "Assignment": [
                {
                    "action": "*",
                    "allowed": "1"
                },
                {
                    "action": "create",
                    "allowed": "1"
                },
                ...
            ],
            ...
        }
    }
]

DELETE /v3/acl/{acl-name}

Remove ACL. Note that the Administrator group cannot be removed.

Acl Action: ACL delete

Example Response:

{
    "message": "Ok"
}