Users Authorization

CASL ability actions

This is the list of the permissions methods available for datasets and all their endpoints

Endpoint authorization

UserLogin
UserRead
UserCreate
UserUpdate
UserPassword
UserDelete

Instance authorization

UserReadOwn
UserReadAny
UserCreateOwn
UserCreateAny
UserUpdateOwn
UserUpdateAny
UserPasswordOwn
UserPasswordAny
UserDeleteAny

Priority

graph TD; UserLogin(E) UserCreate(E)-->UserCreateOwn(I)-->UserCreateAny(I); UserRead(E)-->UserReadOwn(I)-->UserReadAny(I); UserUpdate(E)-->UserUpdateOwner(I)-->UserUpdateAny(I); UserPassword(E)-->UserPasswordOwner(I)-->UserPasswordAny(I); UserDelete(E)-->UserDeleteOwn(I)-->UserDeleteAny(I);

Authorization table:

HTTP method	Endpoint	Endpoint Authorization	Anonymous	Authenticated User	User Privileged Groups	Admin Groups	User Delete Groups
POST	Users/jwt	UserRead	no	Own UserReadOwn	no	no	no
POST	Users/login	UserLogin	no	no	no	no	no
GET	Users/id	UserRead	no	Own UserReadOwn	Any UserReadAny	Any UserReadAny	no
GET	Users/id/userIdentity	UserRead	no	Own UserReadOwn	Any UserReadAny	Any UserReadAny	no
POST	Users/id/settings	UserCreate	no	Own UserCreateOwn	Any UserCreateAny	Any UserCreateAny	no
GET	Users/id/settings	UserUpdate	no	Own UserReadOwn	Any UserReadAny	Any UserReadAny	no
PUT	Users/id/settings	UserUpdate	no	Own UserUpdateOwn	Any UserUpdateAny	Any UserUpdateAny	no
PATCH	Users/id/settings	UserUpdate	no	Own UserUpdateOwn	Any UserUpdateAny	Any UserUpdateAny	no
PATCH	Users/id/password	UserPassword	no	Own UserPasswordOwn	Any UserPasswordAny	Any UserPasswordAny	no
DELETE	Users/id	UserDelete	no	no	no	no	Any UserDeleteAny
DELETE	Users/id/settings	UserDelete	no	no	no	no	Any UserDeleteAny
GET	Users/id/authorization/dataset/create	UserRead	no	Own UserReadOwn	Own UserReadOwn	Any UserReadAny	no
GET	Users/logout	UserLogout	no	Own UserLogoutOwn	no	no	no
GET	useridentities/findOne	UserRead	no	Own UserReadOwn	Any UserReadAny	Any UserReadAny	no

results matching ""

No results matching ""