Querying Permissions of a User Group Corresponding to a Project¶
Function¶
This API is used to query the permissions of a specified user group corresponding to a project. A role is a set of permissions and represents a group of actions.
URI¶
URI format
GET /v3/projects/{project_id}/groups/{group_id}/roles
URI parameters
Parameter
Mandatory
Type
Description
project_id
Yes
String
Project ID.
group_id
Yes
String
ID of a user group.
Request Parameters¶
Parameters in the request header
Parameter
Mandatory
Type
Description
X-Auth-Token
Yes
String
Authenticated token with the Security Administrator permission.
Example request
curl -i -k -H "X-Auth-Token:$token" -H 'Content-Type:application/json;charset=utf8' -X GET https://sample.domain.com/v3/projects/073bbf60da374853841cf6624c94de4b/groups/47d79cabc2cf4c35b13493d919a5bb3d/roles
Response Parameters¶
Parameters in the response body
Parameter
Mandatory
Type
Description
links
Yes
Dict
Role resource link.
roles
Yes
Array
List of roles.
Role parameter description
Parameter
Mandatory
Type
Description
id
Yes
String
ID of a role.
links
Yes
Dict
Role resource link.
name
Yes
String
Name of a role.
domain_id
Yes
String
ID of the domain to which a role belongs.
type
Yes
String
Display mode of a role.
AX: A role is displayed at the domain layer.
XA: A role is displayed at the project layer.
AA: A role is displayed at both the domain and project layers.
XX: A role is not displayed at the domain or project layer.
display_name
No
String
Displayed name of a role.
catalog
No
String
Directory where a role locates.
policy
No
Dict
Policy of a role.
description
No
String
Description of a role.
Example response
{ "links": { "self": " https://sample.domain.com/v3/projects/3a4cd4d559d8492bbe7bd355643f9763/groups/728da352c017480f80b5a96beb15f0e6/roles", "previous": null, "next": null }, "roles": [ { "catalog": "BASE", "display_name": "Guest", "name": "readonly", "links": { "self": " https://sample.domain.com/v3/roles/13d132b7856945788f6df7eb3ed5c35e" }, "policy": { "Version": "1.0", "Statement": [ { "Action": [ "*:*:Get*", "*:*:List*" ], "Effect": "Allow" }, { "Action": [ "identity:*" ], "Effect": "Deny" } ] }, "domain_id": null, "type": "AA", "id": "13d132b7856945788f6df7eb3ed5c35e", "description": "Guest" }, { "catalog": "BASE", "display_name": "Tenant Administrator", "name": "te_admin", "links": { "self": " https://sample.domain.com/v3/roles/1def304b73f14e8eb8d1eb9bf8337ae6" }, "policy": { "Version": "1.0", "Statement": [ { "Action": [ "*" ], "Effect": "Allow" }, { "Action": [ "identity:*" ], "Effect": "Deny" } ] }, "domain_id": null, "type": "AA", "id": "1def304b73f14e8eb8d1eb9bf8337ae6", "description": "Tenant Administrator" } ] }
Status Codes¶
Status Code | Description |
---|---|
200 | The request is successful. |
400 | The server failed to process the request. |
401 | Authentication failed. |
403 | Access denied. |
404 | The requested resource cannot be found. |