Comment on page
Users and Roles
Returns a list of all roles. Learn more about HarperDB roles here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
list_roles
{
"operation": "list_roles"
}
[
{
"__createdtime__": 1611615061106,
"__updatedtime__": 1611615061106,
"id": "05c2ffcd-f780-40b1-9432-cfe8ba5ad890",
"permission": {
"super_user": false,
"dev": {
"tables": {
"dog": {
"read": true,
"insert": true,
"update": true,
"delete": false,
"attribute_permissions": [
{
"attribute_name": "name",
"read": true,
"insert": true,
"update": true
}
]
}
}
}
},
"role": "developer"
},
{
"__createdtime__": 1610749235614,
"__updatedtime__": 1610749235614,
"id": "136f03fa-a0e9-46c3-bd5d-7f3e7dd5b564",
"permission": {
"cluster_user": true
},
"role": "cluster_user"
},
{
"__createdtime__": 1610749235609,
"__updatedtime__": 1610749235609,
"id": "745b3138-a7cf-455a-8256-ac03722eef12",
"permission": {
"super_user": true
},
"role": "super_user"
}
]
Creates a new role with the specified permissions. Learn more about HarperDB roles here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
add_role
- role (required) - name of role you are defining
- permission (required) - object defining permissions for users associated with this role:
- super_user (optional) - boolean which, if set to true, gives users associated with this role full access to all operations and methods. If not included, value will be assumed to be false.
- structure_user (optional) - boolean OR array of schema names (as strings). If boolean, user can create new schemas and tables. If array of strings, users can only manage tables within the specified schemas. This overrides any individual table permissions for specified schemas, or for all schemas if the value is true.
{
"operation": "add_role",
"role": "developer",
"permission": {
"super_user": false,
"structure_user": false,
"dev": {
"tables": {
"dog": {
"read": true,
"insert": true,
"update": true,
"delete": false,
"attribute_permissions": [
{
"attribute_name": "name",
"read": true,
"insert": true,
"update": true
}
]
}
}
}
}
}
{
"role": "develope3r",
"permission": {
"super_user": false,
"structure_user": false,
"dev": {
"tables": {
"dog": {
"read": true,
"insert": true,
"update": true,
"delete": false,
"attribute_permissions": [
{
"attribute_name": "name",
"read": true,
"insert": true,
"update": true
}
]
}
}
}
},
"id": "0a9368b0-bd81-482f-9f5a-8722e3582f96",
"__updatedtime__": 1598549532897,
"__createdtime__": 1598549532897
}
Modifies an existing role with the specified permissions. updates permissions from an existing role. Learn more about HarperDB roles here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
alter_role
- id (required) - the id value for the role you are altering
- role (optional) - name value to update on the role you are altering
- permission (required) - object defining permissions for users associated with this role:
- super_user (optional) - boolean which, if set to true, gives users associated with this role full access to all operations and methods. If not included, value will be assumed to be false.
- structure_user (optional) - boolean OR array of schema names (as strings). If boolean, user can create new schemas and tables. If array of strings, users can only manage tables within the specified schemas. This overrides any individual table permissions for specified schemas, or for all schemas if the value is true.
{
"operation": "alter_role",
"id": "f92162e2-cd17-450c-aae0-372a76859038",
"role": "another_developer",
"permission": {
"super_user": false,
"structure_user": false,
"dev": {
"tables": {
"dog": {
"read": true,
"insert": true,
"update": true,
"delete": false,
"attribute_permissions": [
{
"attribute_name": "name",
"read": false,
"insert": true,
"update": true
}
]
}
}
}
}
}
{
"id": "a7cb91e9-32e4-4dbf-a327-fab4fa9191ea",
"role": "developer",
"permission": {
"super_user": false,
"structure_user": false,
"dev": {
"tables": {
"dog": {
"read": true,
"insert": true,
"update": true,
"delete": false,
"attribute_permissions": [
{
"attribute_name": "name",
"read": false,
"insert": true,
"update": true
}
]
}
}
}
},
"__updatedtime__": 1598549996106
}
Deletes an existing role from the database. NOTE: Role with associated users cannot be dropped. Learn more about HarperDB roles here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - this must always be
drop_role
- id (required) - this is the id of the role you are dropping
{
"operation": "drop_role",
"id": "2ebc3415-0aa0-4eea-9b8e-40860b436119"
}
{
"message": "developer successfully deleted"
}
Returns a list of all users. Learn more about HarperDB users here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
list_users
{
"operation": "list_users"
}
[
{
"__createdtime__": 1635520961165,
"__updatedtime__": 1635520961165,
"active": true,
"role": {
"__createdtime__": 1635520961161,
"__updatedtime__": 1635520961161,
"id": "7c78ef13-c1f3-4063-8ea3-725127a78279",
"permission": {
"super_user": true,
"system": {
"tables": {
"hdb_table": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_attribute": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_schema": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_user": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_role": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_job": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_license": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_info": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_nodes": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
},
"hdb_temp": {
"read": true,
"insert": false,
"update": false,
"delete": false,
"attribute_permissions": []
}
}
}
},
"role": "super_user"
},
"username": "HDB_ADMIN"
}
]
Returns user data for the associated user credentials.
- operation (required) - must always be
user_info
{
"operation": "user_info"
}
{
"__createdtime__": 1610749235611,
"__updatedtime__": 1610749235611,
"active": true,
"role": {
"__createdtime__": 1610749235609,
"__updatedtime__": 1610749235609,
"id": "745b3138-a7cf-455a-8256-ac03722eef12",
"permission": {
"super_user": true
},
"role": "super_user"
},
"username": "HDB_ADMIN"
}
Creates a new user with the specified role and credentials. Learn more about HarperDB users here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
add_user
- role (required) - 'role' name value of the role you wish to assign to the user. See
add_role
for more detail - username (required) - username assigned to the user. It can not be altered after adding the user. It serves as the hash
- password (required) - clear text for password. HarperDB will encrypt the password upon receipt
- active (required) - boolean value for status of user's access to your HarperDB instance. If set to false, user will not be able to access your instance of HarperDB.
{
"operation": "add_user",
"role": "role_name",
"username": "hdb_user",
"password": "password",
"active": true
}
{
"message": "hdb_user successfully added"
}
Modifies an existing user's role and/or credentials. Learn more about HarperDB users here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
alter_user
- username (required) - username assigned to the user. It can not be altered after adding the user. It serves as the hash.
- password (optional) - clear text for password. HarperDB will encrypt the password upon receipt
- role (optional) -
role
name value of the role you wish to assign to the user. Seeadd_role
for more detail - active (optional) - status of user's access to your HarperDB instance. See
add_role
for more detail
{
"operation": "alter_user",
"role": "role_name",
"username": "hdb_user",
"password": "password",
"active": true
}
{
"message": "updated 1 of 1 records",
"new_attributes": [],
"txn_time": 1611615114397.988,
"update_hashes": [
"hdb_user"
],
"skipped_hashes": []
}
Deletes an existing user by username. Learn more about HarperDB users here: https://harperdb.io/docs/security/users-roles/.
Operation is restricted to super_user roles only
- operation (required) - must always be
drop_user
- username (required) - username assigned to the user
{
"operation": "drop_user",
"username": "sgoldberg"
}
{
"message": "sgoldberg successfully deleted"
}
Last modified 18d ago