tg-authApi
userExists
Checks whether this UserID (eduPersonPrincipalName) exists in RBAC.
-
- Input Parameters userExistsRequest, with elements
-
- auth - String, SessionID of application or user asking
- log - String for log information, optional
-
- username - String containing the ID (ePPN) of the user
-
- Output Parameters booleanResponse, with element
- result - boolean, true if user exists, false otherwise
-
- Faults:
-
- authenticationFault
getNames
Returns user records for a list of ePPNs
-
- Input Parameters getNamesRequest, with elements
-
- auth - String, SessionID of user that wants to query for names
- log - String,
- ePPN - List of Strings
getIDs
Returns user records for a name or mail address.
-
- Input Parameters getIDsRequest, with elements
-
- auth - String, SessionID of user that wants to query for names
- log - String,
- name - String with Name
- mail - String with E-Mail Address
- organisation - String with Organisation
-
- Output Parameters getIDsResponse. It contains 0...n userDetails, which themselves have elements
-
- ePPN - String holding ePPN of user
- name - String holding Name (cn) of user
- mail - String holding E-Mail address of user
- organisation - String holding user' affiliation
- agreesearch - Boolean, whether user wants his ID to be found be a search for name or mail address
- usersupplieddata - Boolean, whether user himself or his organisation supplied these data
- Faults none
getObjects
Returns URIs of all resources in project. Caller must have some role in the project.
- Input Parameters getObjectsRequest, with elements
- auth - String, SessionID of user
- log - String for log information, optional
- project - String with projectID
- Output Parameters resourcesetResponse, with element
- resource - String with URI of resource in project. Can occur multiple times
tgCheckAccess
Returns access decision for given operation on given resource for session.
- Input Parameters tgCheckAccessRequest, with elements
- auth - String, SessionID of user (or service) that wants to intitiate the check
- log - String for log information, optional
- sid - String, SessionID of user for whom the check is to be done. Leave empty if check is to be done for user's own session given under auth
- operation - String, such as "read", "write"
- resource - String, name of project or role, or URI of TgObject resource
- Output Parameters booleanResponse, with element
- result - boolean, true if operation was successful, false otherwise
- Faults
- unknownResourceFault
tgAssignedRoles
Returns the roles the requesting user has, in any project. Can be called for another user by project leaders, then roles will be limited to the intersection of those projects where auth is leader AND username has some role in.
- Input Parameters tgAssignedRolesRequest, with elements
- auth - String, SessionID of user that wants to query for roles
- log - String for log information, optional
- username - String, ePPN of user for whom the query is to be done. Can be empty.
- Output Parameters rolesetResponse, with element
- role - String with full-qualified role name of the role. The full-qualified role name has the form "Administrator,TGPR3,Projekt-Teilnehmer". Can occur multiple times.
tgAssignedProjects
Returns projectIDs of all projects the user has some role in.
- Input Parameters tgAssignedProjectsRequest, with elements
- auth - String, SessionID of user that wants to query for roles
- log - String for log information, optional
- level - Integer. Can be either empty (= level 0) or one of the following:
- 0 - Returns all projects the user has any role in (default).
- 1 - Returns only projects where the user has read access, i.e.
- she is Beobachter (observer) or
- she is Bearbeiter (editor) or
getAllProjects
Returns all projects stored in this RBAC instance with ID, name, and description. See also getProjectDescription().
- Input Parameters getAllProjectsRequest, with elements
- auth - String, SessionID of user that wants to query for projects. Can be omitted as this information can be reviewed publicly
- log - String for log information, optional
- Output Parameters getAllProjectsResponse, with element
- project - projectInfo, can occur multiple times
- The type projectInfo consists of the following elements:
- id - String, project ID, such as "TGPR123"
- description - String, project description
- name - String, project name
- file - String with URI of project file for project-specific settings.
getDeactivatedProjects
Returns all projects stored in this RBAC instance with ID, name, and description that are deactivated and can be reactivated by the current user.
- Input Parameters getAllProjectsRequest, with elements
- auth - String, SessionID of user that wants to query for projects. Can be omitted as this information can be reviewed publicly
- log - String for log information, optional
- Output Parameters getDeactivatedProjectsResponse, with element
- project - projectInfo, can occur multiple times.
- The type projectInfo consists of the following elements:
- id - String, project ID, such as "TGPR123"
- description - String, project description
- name - String, project name
- file - String with URI of project file for project-specific settings.
getLeader
Returns Project Leader/s (i.e. who have delegate right on the respective project resource).
- Input Parameters getLeaderRequest, with elements
- auth - String, SessionID of user that wants to query for projects. Can be omitted as this information can be reviewed publicly
- log - String for log information, optional
- project - String with project ID, such as "TGPR123"
- Output Parameters usersetResponse, with element
- username - String holding ePPN of user, can occur multiple times.
filterBySid
This is tgCheckAccess in batch operation: Returns a list of the resources where a given operation with this SessionID is allowed. The resource parameter must contain a list of resources, and the subset of this list that matches will be returned.
- Input Parameters filterBySidRequest, with elements
- auth - String, SessionID of user that wants to do the check
- log - String for log information, optional
- resource - String with projectID, or URI of TgObject resource. Can occur multiple times.
- operation - String, such as "read", "write"
- Output Parameters filterResponse, with element
- resource - String with projectID, or URIs that match. Can occur multiple times.
- Faults
- authenticationFault
getOwner
Returns ePPN of owner that was set in registerResource. User must have read permission on the resource, or resource must be public.
- Input Parameters getOwnerRequest, with elements
- auth - String, SessionID of user that wants to query for the owner
- log - String for log information, optional
- resource - String, URI of TgObject
- Output Parameters getOwnerResponse, with element
- owner - String, ePPN of owner.
- Faults
- authenticationFault
getMembers
Returns ePPNs of all members in the project, caller must be member herself.
- Input Parameters getMembersRequest, with elements
- auth - String, SessionID of user that wants to query for members
- log - String for log information, optional
- project - String, ProjectID, such as "TGPR123"
- Output Parameters usersetResponse, with element
- username - String holding ePPN of user, can occur multiple times.
- Faults
- authenticationFault
getUserRole
Returns ePPNs plus Array of Roles of all members in the project, caller must be member herself.
- Input Parameters getUserRoleRequest, with elements
- auth - String, SessionID of user that wants to query for roles
- log - String for log information, optional
- project - String, ProjectID, such as "TGPR123"
- Output Parameters getUserRoleResponse. It contains 0...n userRoles, which themselves have elements
- username - String holding ePPN of user
- roles - array of Strings with roles the user has (e.g. "Bearbeiter").
- Faults
- authenticationFault
- unknownProjectFault
getFriends
Returns ePPNs of the users the authenticated user has relations with, i.e. they are signed into the same project role. Each user name has a score which shows how many roles the requester shares with that user.