Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[User Story] As a developer I want documentation of NGSI-LD updateBridge API so that I can use it to to develop new features #557

Open
wagmarcel opened this issue May 31, 2024 · 1 comment
Open

[User Story] As a developer I want documentation of NGSI-LD updateBridge API so that I can use it to to develop new features #557

wagmarcel opened this issue May 31, 2024 · 1 comment
Assignees
@MericFeyz
Labels
user story

Comments

@wagmarcel
Copy link
Member

Details

Acceptance Criteria

  1. [If I do A.]
  2. [B should happen.]

Resources:

  • Mockups: [Here goes a URL to or the name of the mockup(s) in inVision];
  • Testing URL: [Here goes a URL to the testing branch or IP];
  • Staging URL: [Here goes a URL to the feature on staging];

Notes

[Some complementary notes if necessary:]

  • Here goes a quote from an email

  • Here goes whatever useful information can exist…
@wagmarcel wagmarcel mentioned this issue May 31, 2024
Closed
@MericFeyz
Copy link
Collaborator

ScorpioBroker API and RBAC review:

Entity Operations

  • Factory-Admin can create, update and delete
  • Factory-Writer can create and update
  • Factory-Editor can update (Exception: Factory-Editor can run batch upsert letting the role to create objects)

Query Entity Operations

  • Factory-Admin, Factory-Reader and Factory-Editor roles have the same authorization level to query and filter entities, attributes and type catalogues.
  • Exception: The newly added entity map endpoints to CRUD entity maps are not secured with RBAC. It's a new feature of the NGSI-LD 1.8.1, might be worth taking a look at.
  • There's a query endpoint that's not been used by us before with the path "/ngsi-ld/v1/entityOperations/query". Will investigate how it behaves in comparisons to the default GET calls on /entities path.

Subscription Operations

  • Factory-Admin and Subscriber roles can create, delete and update subscriptions.
  • Factory-Admin and Factory-Reader can read subscriptions, and Subscriber can only read the subscription by ID.
  • Suggestion: Subscriber role does not comply with the naming scheme we have and is a very narrow role. It should either be removed or its name changed.
  • There's an unsecured endpoint with the path "/remotenotify" which lets us send manual notifications to specific subscription IDs. Should be secured or deactivated if no use case exists.

Context Source Registry Operations ("/ngsi-ld/v1/csourceRegistrations")

  • Factory-Admin can CRUD the context source registrations and Factory-Reader can read the registrations.
  • Factory-Admin and Subscriber role can subscribe to context source registrations and manage those subscriptions analog to the subscription endpoint. ("/ngsi-ld/v1/csourceSubscriptions")

@context Server Operations ("/ngsi-ld/v1/jsonldContexts/")

  • There are endpoints to CRUD contexts into the Scorpio however they are all unsecured. Should be secured.
  • There are two other endpoints, one with the path "/createimplicitly" (forgoing the camel case for some reason) and "/createcache/{url}" which are unknown to me. I can investigate if there's interest

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MericFeyz MericFeyz

Labels
user story
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wagmarcel @MericFeyz