Each resource contains a permissions
sub-collection. Each permission
contains a user
, an assigned role
and the specified resource. For example:
GET /rhevm-api/{collection}/{resource_id}/permissions HTTP/1.1
Accept: application/xml
HTTP/1.1 200 OK
Content-Type: application/xml
<permissions>
<permission id="{permission-id}"
href="/rhevm-api/{collection}/{resource_id}/permissions/{permission_id}">
<role id="{role_id}" href="/rhevm-api/roles/{role_id}"/>
<user id="{user_id}" href="/rhevm-api/users/{user_id}"/>
<{resource} id="{resource_id}" href="/rhevm-api/{collection}/{resource_id}"/>
</permission>
...
</permissions>
A resource acquires a new permission
when POST
ed to its permissions
sub-collection. Each new permission requires a role
and a user
:
POST /rhevm-api/{collection}/{resource_id}/permissions HTTP/1.1
Accept: application/xml
<permission">
<role id="{role_id}"/>
<user id="{user_id}"/>
</permission>
HTTP/1.1 201 Created
Content-Type: application/xml
<permission id="{permission_id}"
href="/rhevm-api/resources/{id}/permissions/{permission_id}">
<role id="{role_id}" href="/rhevm-api/roles/{role_id}"/>
<user id="{user_id}" href="/rhevm-api/users/{user_id}"/>
<{resource} id="{resource_id}" href="/rhevm-api/{collection}/{resource_id}"/>
</permission>