Roles and Rights
An admin user can create different roles. A role specifies which parts of the system a user can access.
When a role is assigned to a user, the rights are visible in the /me request.
Get all rights groups
GET /rights-groups
All rights belong to a group, and can have dependencies on other rights.
If a right has dependencies, it can only be enabled if all of the dependencies are enabled.
If a right has user_types, it only works for the listed User Types.
Response
Status code 200
{
  "data": [
    {
      "name": "basic",
      "rights": [
        {
          "name": "additional_data",
          "assignable": true,
          "default": false,
          "dependencies": [
            "contacts"
          ],
          "group": "additional_data"
        },
        {
          "name": "cases",
          "assignable": true,
          "default": false,
          "dependencies": [
            "contacts",
            "email_inbox",
            "tasks.create"
          ],
          "group": "cases"
        }
      ]
    },
    {
      "name": "user_management",
      "rights": [
        {
          "name": "user_management.delete",
          "assignable": true,
          "default": false,
          "user_types": [
            "admin"
          ]
        },
        {
          "name": "user_management.invite",
          "assignable": true,
          "default": false,
          "user_types": [
            "admin",
            "team_admin"
          ]
        }
      ]
    }
  ]
}
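One way to check a rights list against the dependencies and user_types rules above before sending it to POST /roles or PUT /roles/:role_id, as an added example that is not part of this API's own documentation or client code. The function names, the report keys, and the "contacts" and "reports" entries are assumptions made for the example; a right with no user_types is assumed to be unrestricted.

```python
# Added example, not part of the API's own documentation or client code.
# RIGHTS_GROUPS is constructed: the page's sample GET /rights-groups response
# trimmed to the fields used here, plus a "contacts" entry added for the demo.
RIGHTS_GROUPS = {"data": [
    {"name": "basic", "rights": [
        {"name": "contacts"},
        {"name": "additional_data", "dependencies": ["contacts"]},
        {"name": "cases",
         "dependencies": ["contacts", "email_inbox", "tasks.create"]},
    ]},
    {"name": "user_management", "rights": [
        {"name": "user_management.delete", "user_types": ["admin"]},
        {"name": "user_management.invite",
         "user_types": ["admin", "team_admin"]},
    ]},
]}


def index_rights(rights_groups):
    """Flatten the grouped response into {right_name: right_object}."""
    return {right["name"]: right
            for group in rights_groups["data"]
            for right in group["rights"]}


def audit_role(rights, rights_groups, user_type):
    """Check a role's rights list against the two rules stated above."""
    catalogue = index_rights(rights_groups)
    enabled = set(rights)
    report = {"unknown": [], "missing_dependencies": {}, "wrong_user_type": []}
    for name in sorted(enabled):
        right = catalogue.get(name)
        if right is None:
            # The name does not appear in the catalogue that was passed in.
            report["unknown"].append(name)
            continue
        # Checking the direct dependencies of every enabled right also covers
        # chains, because each dependency is checked in turn once enabled.
        missing = sorted(set(right.get("dependencies", [])) - enabled)
        if missing:
            report["missing_dependencies"][name] = missing
        # A right without "user_types" is treated as unrestricted (assumption).
        allowed = right.get("user_types")
        if allowed is not None and user_type not in allowed:
            report["wrong_user_type"].append(name)
    return report


if __name__ == "__main__":
    role = ["cases", "contacts", "reports", "user_management.delete"]
    print(audit_role(role, RIGHTS_GROUPS, user_type="team_admin"))
```

Running the same check over the rights array returned by GET /roles/:role_id gives a quick audit of roles that already exist.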
Get all roles
GET /roles
Query string parameters
- Supports Pagination
Response
Status code 200
{
  "data": [
    {
      "id": 1,
      "name": "Test role",
      "created_at": "2015-06-04 05:50:10",
      "updated_at": "2015-06-04 05:50:10"
    }
  ],
  "pagination": {
    "total": 12,
    "page": 1,
    "per_page": 15,
    "urls": {
      "previous": null,
      "next": null
    }
  }
}
Get a role
GET /roles/:role_id
Rights is an array of strings defining which rights a Role gives access to.
If a right is not present on the role, that means the role does not give access to it.
Response
Status code 200
{
  "id": 2,
  "name": "Can only access contacts",
  "rights": [
    "cases",
    "cases.create",
    "contacts"
  ],
  "created_at": "2015-06-04 05:50:10",
  "updated_at": "2015-06-04 05:50:10"
}
Create a role
POST /roles
Parameters
name
string
- Required
- Must be unique.
rights
array
- List of right names.
Payload
{
  "name": "Some role",
  "rights": [
    "cases",
    "cases.create",
    "contacts"
  ]
}
Response
Status code 201
{
  "id": 13,
  "name": "Some role",
  "rights": [
    "cases",
    "cases.create",
    "contacts"
  ],
  "created_at": "2015-06-04 06:44:10",
  "updated_at": "2015-06-04 06:44:10"
}
Update a role
PUT /roles/:role_id
Parameters
name
string
- Required
- Must be unique.
rights
array
- List of right names.
Payload
{
  "name": "Some role",
  "rights": [
    "cases",
    "cases.create",
    "contacts"
  ]
}
Response
Status code 200
{
  "id": 13,
  "name": "Some updated role",
  "rights": [
    "cases",
    "cases.create",
    "contacts"
  ],
  "created_at": "2015-06-04 06:44:10",
  "updated_at": "2015-06-04 06:46:20"
}
Delete a role
DELETE /roles/:role_id
Response
Status code 204
Get delete role impact
GET /roles/:role_id/delete-impact
Gets the number of users in a company that are affected by the deletion.
Response
Status code 200
{
  "blocked_by": [],
  "deletes": [],
  "affects": [
    {
      "type": "users",
      "amount": 3
    }
  ]
}