How to restrict Role to allow import for only spec...

Tomasz_Kowalczy · 11-23-2016 11:57 PM

Hi Apigee Community,

In my company, I'd like to give access to each bunch of api proxies to specific departments (users), for example api proxies A and B should be managed by user C while proxies D and E - by user F.

I already created role roleC (for user C) and roleF (for user F). They can only edit their proxies and no any other proxies.

Now I'd like to ask you how can I add permission to roleC so that user having that role is able to import (from git) proxy A and B. I already tried following calls:

{{MGMTSVR}}/v1/organizations/{{ORG}}/userroles/roleC/permissions

body:

{
"path" : "/applications/proxyA/*",
"permissions" : [ "put", "get" ]
}

OR

{{MGMTSVR}}/v1/organizations/{{ORG}}/userroles/roleC/permissions

body:

{
"path" : "/apis?action=import&name=proxyA",
"permissions" : [ "put", "get" ]
}

Can you help me with adding this restriction?

Regards,

Tomasz

adas

You should be able to do this from the UI. See the screenshot below. You can edit the role and and specific proxies with edit, delete, view permissions and so on.

You can also click the "Roles" button next to the api proxies listing page and give access to specific roles.

gaurav_bhandari

@Tomasz.Kowalczyk

You can also automate this process.

1) As soon as the API PROXY is created by individual, find the name of the individual who created the APi proxy.

2) FInd the role name to which the individual belongs to

3) Add the API PROXY to this role and provide edit, deploy and trace access.

4) Create a cron job combining step 1,2 and 3 which can run every 15 or 30 min.

Let me know if you need the apicalls for all the above four steps.

nathalylozano

@gbhandari

Can you provide me those APIs

vamsisrikakarla

@gbhandari @nathalylozano

can you provide those APIs.

How to restrict Role to allow import for only specific api proxies