From 04f5c20c0893912c15792376e68dd3e70aaca625 Mon Sep 17 00:00:00 2001 From: Daniel Bell Date: Mon, 2 Oct 2023 09:27:44 +0100 Subject: [PATCH] Storage permissions endpoint docs (#4319) * Add docs for storage permisions requests * add scaladoc --- .../StoragePermissionProvider.scala | 3 +++ .../docs/delta/api/user-permissions-api.md | 27 +++++++++++++------ 2 files changed, 22 insertions(+), 8 deletions(-) diff --git a/delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/permissions/StoragePermissionProvider.scala b/delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/permissions/StoragePermissionProvider.scala index 171ffa7bad..a61853f23c 100644 --- a/delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/permissions/StoragePermissionProvider.scala +++ b/delta/sdk/src/main/scala/ch/epfl/bluebrain/nexus/delta/sdk/permissions/StoragePermissionProvider.scala @@ -6,6 +6,9 @@ import ch.epfl.bluebrain.nexus.delta.sdk.permissions.model.Permission import ch.epfl.bluebrain.nexus.delta.sourcing.model.ProjectRef import monix.bio.UIO +/** + * Provides the permission a user needs to have in order to access files on this storage + */ trait StoragePermissionProvider { def permissionFor(id: IdSegmentRef, project: ProjectRef, accessType: AccessType): UIO[Permission] diff --git a/docs/src/main/paradox/docs/delta/api/user-permissions-api.md b/docs/src/main/paradox/docs/delta/api/user-permissions-api.md index 9b84b098d1..dc49acb52e 100644 --- a/docs/src/main/paradox/docs/delta/api/user-permissions-api.md +++ b/docs/src/main/paradox/docs/delta/api/user-permissions-api.md @@ -11,20 +11,31 @@ The described endpoints are experimental and the responses structure might chang @@@ -## Head +Requests +: All requests should have no body -This operation determines whether the current logged in user has a specific permission in a specific context +Responses +: A response will have a 204 (no content) status code if the user is authorised +: A response will have a 403 (forbidden) status code if the user is not authorised + + +## Standard permissions +This operation determines whether the current logged in user has a specific permission in a specific context ``` HEAD /v1/user/permissions/{org_label}/{project_label}?permission={permission} ``` - where - `{permission}`: String - the permission to check -Request -: The request should have no body -Response -: The response will have a 204 (no content) status code if the user is authorised -: The response will have a 403 (forbidden) status code if the user is not authorised +## Storage access permissions + +This operation determines whether the current logged in user would be able to access files on a specific storage +``` +HEAD /v1/user/permissions/{org_label}/{project_label}?storage={storage_id}&type={access_type} +``` +where +- `{storage_id}`: String - the id of the storage +- `{access_type}`: String - the access type of the storage. Can be `read` or `write` +