Roles
Roles
The client identity that created an Endpoint has full control over management aspects of the endpoint, including the properties, collections, the ACL, and role assignments.
Other roles enable other identities to act on various subsets of endpoint and collection management capabilities.
See the GCS Manager Roles document for more information on the meaning of the roles. All API endpoints below indicate which roles are required to perform the given operation.
Details
Create Role
POST /roles
Assign a role to an identity or group for the Endpoint or a specified collection.
On success returns a copy of the created role with the system generated id added.
Request body
application/json
The "Role" document type represents the assignment of a role on an Endpoint or Collection to a Globus identity or group.
Name |
Type |
Description |
DATA_TYPE |
string |
Type of this document |
collection |
string <uuid> |
Collection Id. This value is omitted when creating an endpoint role or when creating role definitions when creating collections. |
principal |
string |
Auth identity or group id URN. |
role |
string |
Role assigned to the principal. |
Example
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"principal": "string",
"role": "owner"
}Responses
200 - Create Role response
Name |
Type |
Description |
code |
string |
|
data |
array ( Role ) |
|
DATA_TYPE |
string |
Type of this document. |
http_response_code |
integer |
Numeric HTTP response code |
detail |
Machine readable response details |
|
message |
string |
Message describing this result. |
has_next_page |
boolean |
Boolean flag indicating whether or not additional pages of response data may be requested by passing the marker to the same operation. |
marker |
string |
Opaque marker that may be passed to this API call to
fetch the next page of results if the returned document
has |
{
"code": "success",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"principal": "string",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"http_response_code": 200,
"detail": null,
"message": "Operation successful",
"has_next_page": false,
"marker": "string"
}409 - Exists or Conflict Response
Name |
Type |
Description |
code |
string |
|
http_response_code |
|
|
DATA_TYPE |
string |
Type of this document. |
detail |
Machine readable response details |
|
message |
string |
Message describing this result. |
data |
array (object) |
|
has_next_page |
boolean |
Boolean flag indicating whether or not additional pages of response data may be requested by passing the marker to the same operation. |
marker |
string |
Opaque marker that may be passed to this API call to
fetch the next page of results if the returned document
has |
{
"code": "exists",
"http_response_code": 409,
"DATA_TYPE": "result#1.0.0",
"detail": null,
"message": "Operation successful",
"data": [
{}
],
"has_next_page": false,
"marker": "string"
}List Roles
GET /roles
Get the Globus Connect Server Endpoint’s or a Collection’s
list of Role documents.
If the collection_id query
parameter is passed to this operation, then the roles related
to that Collection are returned, otherwise only Endpoint roles
are returned.
The include parameter determines whether this
operation returns all roles relevant to the resource or only
those relevant to the resource that the caller has.
To obtain information about roles for other identities, the caller must pass the "all_roles" value as the value of the "include" parameter. This requires the "administrator" role for the Endpoint, or Collection the role is associated with.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
include |
string |
Flag indicating whether to request all roles assignments for the Endpoint or Collection. |
marker |
string Any |
Pagination marker for a paginated response |
page_size |
integer Any |
Maximum page size for a paginated response |
collection_id |
string Any |
ID of the Collection |
Responses
200 - Get roles result
Name |
Type |
Description |
code |
string |
|
data |
array ( Role ) |
|
DATA_TYPE |
string |
Type of this document. |
http_response_code |
integer |
Numeric HTTP response code |
detail |
Machine readable response details |
|
message |
string |
Message describing this result. |
has_next_page |
boolean |
Boolean flag indicating whether or not additional pages of response data may be requested by passing the marker to the same operation. |
marker |
string |
Opaque marker that may be passed to this API call to
fetch the next page of results if the returned document
has |
{
"code": "success",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"principal": "string",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"http_response_code": 200,
"detail": null,
"message": "Operation successful",
"has_next_page": false,
"marker": "string"
}Details
Delete a Role
DELETE /roles/{role_id}
Delete one of the Globus Connect Server’s Role
documents by its ID.
Responses
200 - Delete Role result
Name |
Type |
Description |
code |
string |
|
DATA_TYPE |
string |
Type of this document. |
http_response_code |
integer |
Numeric HTTP response code |
detail |
Machine readable response details |
|
message |
string |
Message describing this result. |
data |
array (object) |
|
has_next_page |
boolean |
Boolean flag indicating whether or not additional pages of response data may be requested by passing the marker to the same operation. |
marker |
string |
Opaque marker that may be passed to this API call to
fetch the next page of results if the returned document
has |
{
"code": "success",
"DATA_TYPE": "result#1.0.0",
"http_response_code": 200,
"detail": null,
"message": "Operation successful",
"data": [
{}
],
"has_next_page": false,
"marker": "string"
}Get a Role
GET /roles/{role_id}
Get one of the Globus Connect Server’s Role
documents by its ID.
Responses
200 - Get role result
Name |
Type |
Description |
code |
string |
|
data |
array ( Role ) |
|
DATA_TYPE |
string |
Type of this document. |
http_response_code |
integer |
Numeric HTTP response code |
detail |
Machine readable response details |
|
message |
string |
Message describing this result. |
has_next_page |
boolean |
Boolean flag indicating whether or not additional pages of response data may be requested by passing the marker to the same operation. |
marker |
string |
Opaque marker that may be passed to this API call to
fetch the next page of results if the returned document
has |
{
"code": "success",
"data": [
{
"DATA_TYPE": "role#1.0.0",
"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"collection": "65986b24-c0b1-41fa-b21f-4a319273f511",
"principal": "string",
"role": "owner"
}
],
"DATA_TYPE": "result#1.0.0",
"http_response_code": 200,
"detail": null,
"message": "Operation successful",
"has_next_page": false,
"marker": "string"
}