
Fiware IDM-Keyrock: How to check if a user has some permission (permission_fiware) using the Keyrock API

I created some permissions (permission_fiware table) in Horizon regarding URLs that can or can't be seen. I created a permission (name: Upload images, with resource: "/image_upload") and a role (role_fiware) admin that has this permission. Now I want to check whether some user that is logged in to my application can view that page on the URL "/image_upload" that I defined in Horizon's permissions. So my guess is I should first check what roles the user has, and after that whether those roles that the user is assigned have the required permission. So, my question is: how can I list what permissions one specific user has? In Keyrock's API:

http://docs.keyrock.apiary.io/#reference/keystone-extensions/role-user-relationships/list-users-role-assignments

I found how I can list all permissions for a specific role:

http://keyrock/OS-ROLES/roles/role_id/permissions

But how can I get information about what roles (role_fiware) are assigned to a user?

As stated in the FIWARE-IDM documentation, doing a request against the resource user of your IDM host using the access_token will return the user information, and within that information you will find the roles that the user has been assigned:

GET
/user?access_token=XXXXXXXXXXXXXXXXXXXX


Response:

{
  "organizations": [{
    "website": "",
    "city": "",
    "name": "Franchise1",
    "img": "/static/dashboard/img/logos/small/group.png",
    "domain_id": "default",
    "enabled": true,
    "id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
    "roles": [{
      "name": "Franchise manager",
      "id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    }],
    "email": "",
    "description": "Test Organization"
  }],
  "displayName": "user1",
  "roles": [{
    "name": "End user",
    "id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
  }],
  "app_id": "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
  "email": "user1@test.com",
  "id": "user1"
}
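
An added example, not part of the original question or answer: one way to combine the role list from the /user response with the per-role permission listing to decide whether a user may see "/image_upload". The sample data, the role ids, the `lookup_permissions` helper and the shape of the permissions listing (objects with "name" and "resource") are assumptions made for illustration.

```python
# Constructed sample shaped like the /user response above (ids are made up).
USER_INFO = {
    "id": "user1",
    "roles": [{"name": "End user", "id": "role-end-user"}],
    "organizations": [{
        "name": "Franchise1",
        "roles": [{"name": "admin", "id": "role-admin"}],
    }],
}

# Constructed stand-in for GET /OS-ROLES/roles/<role_id>/permissions.
# Assumption: each permission is an object with "name" and "resource".
ROLE_PERMISSIONS = {
    "role-end-user": [],
    "role-admin": [{"name": "Upload images", "resource": "/image_upload"}],
}


def lookup_permissions(role_id):
    """Hypothetical fetcher; a real one would call the Keyrock API."""
    return ROLE_PERMISSIONS[role_id]


def role_ids(user_info, include_org_roles=False):
    """Collect role ids from the /user response.

    Organization roles are only counted when the caller opts in, since
    whether they apply to this request is an application decision.
    """
    ids = {r["id"] for r in user_info.get("roles", [])}
    if include_org_roles:
        for org in user_info.get("organizations", []):
            ids.update(r["id"] for r in org.get("roles", []))
    return ids


def is_allowed(user_info, resource, fetch=lookup_permissions,
               include_org_roles=False):
    """Deny by default: True only if an assigned role lists the resource."""
    for role_id in role_ids(user_info, include_org_roles):
        try:
            permissions = fetch(role_id)
        except (KeyError, OSError):
            continue  # unknown role or failed lookup grants nothing
        if any(p.get("resource") == resource for p in permissions):
            return True
    return False
```

A role that cannot be resolved, or a lookup that fails, grants nothing, so an outage of the permission service results in a denial rather than access.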
