rel="roles"
link obtained from the entry point URI (see Chapter 4, Entry Point) provides access to a static set of system roles. Each individual role
element contains the following:
Element | Type | Description | Properties |
---|---|---|---|
link="permits"
| relationship |
A link to the permits sub-collection for role permits.
|
![]() |
mutable
| Boolean: true or false |
Defines the ability to update or delete the role. Roles with mutable set to false are roles built into the Red Hat Enterprise Virtualization environment.
|
![]() |
administrative
| Boolean: true or false | Defines the role as administrative-only. |
<roles> <role id="00000000-0000-0000-0000-000000000001" href="/api/roles/00000000-0000-0000-0000-000000000001"> <name>SuperUser</name> <description>Roles management administrator</description> <link rel="permits" href="/api/roles/00000000-0000-0000-0000-000000000001/permits"/> <mutable>false</mutable> <administrative>true</administrative> </role> <role id="00000000-0000-0000-0001-000000000001" href="/api/roles/00000000-0000-0000-0001-000000000001"> <name>RHEVMUser</name> <description>RHEVM user</description> <link rel="permits" href="/api/roles/00000000-0000-0000-0001-000000000001/permits"/> <mutable>false</mutable> <administrative>false</administrative> </role> <role id="00000000-0000-0000-0001-000000000002" href="/api/roles/00000000-0000-0000-0001-000000000002"> <name>RHEVMPowerUser</name> <description>RHEVM power user</description> <link rel="permits" href="/api/roles/00000000-0000-0000-0001-000000000002/permits"/> <mutable>false</mutable> <administrative>false</administrative> </role> </roles>
name
, administrative
and a list of initial permits
. See Section 7.2.4, “ Creating a Resource in a Collection ” for more information.
POST /api/roles HTTP/1.1 Accept: application/xml Content-type: application/xml <role> <name>Finance Role</name> <administrative>true</administrative> <permits> <permit id="1"/> </permits> </role>
name
, description
and administrative
elements are updatable post-creation. See Section 7.3.2, “ Updating a Resource ” for more information.
PUT /api/roles/8de42ad7-f307-408b-80e8-9d28b85adfd7 HTTP/1.1 Accept: application/xml Content-type: application/xml <role> <name>Engineering Role</name> <description>Standard users in the Engineering Role</description> <administrative>false</administrative> </role>
DELETE
request.
DELETE /api/roles/8de42ad7-f307-408b-80e8-9d28b85adfd7 HTTP/1.1 HTTP/1.1 204 No Content
permits
, which the API lists in capabilities
. For more information on access to permits
, see Section 6.2, “Permits”.
permits
are listed as a sub-collection:
GET /api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9/permits HTTP/1.1 Accept: application/xml HTTP/1.1 200 OK Content-Type: application/xml <permits> <permit id="1" href="/api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9/permits/1"> <name>create_vm</name> <administrative>false</administrative> <role id="b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9" href="/api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9"/> </permit> ... </permits>
permit
to a role with a POST
request to the permits
sub-collection. Use either an id
attribute or a name
element to specify the permit
to assign.
POST /api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9/permits HTTP/1.1 Accept: application/xml Content-Type: application/xml <permit id="1"/> HTTP/1.1 201 Created Content-Type: application/xml <permits> <permit id="1" href="/api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9/permits/1"> <name>create_vm</name> <administrative>false</administrative> <role id="b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9" href="/api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9"/> </permit> </permits>
permit
from a role with a DELETE
request to the permit
resource.
DELETE /api/roles/b67dfbe2-0dbc-41e4-86d3-a2fbef02cfa9/permits/1 HTTP/1.1 HTTP/1.1 204 No Content