Skip to main content

Vista (1.0)

Download OpenAPI specification:Download

API

API

Role Template

Role templates allow you to define allowable actions between resources and a particular actor. In Vista, this actor is representated as either a User or Userset (group of users).

Roles can also inherit permissions from other roles, allowing you to create a heirarchical structure.

assign role to role

Request Body schema: application/json
company_id
required
string
environment
required
string
parent_role_name
required
string
child_role_name
required
string

Responses

Request samples

Content type
application/json
{
  • "company_id": "e2df5f3c-8f3c-4eec-8783-8df7d7b750b9",
  • "environment": "test",
  • "parent_role_name": "admin3",
  • "child_role_name": "admin2"
}

create role

Request Body schema: application/json
company_id
required
string
environment
required
string
id
required
string
parent_roles
required
Array of strings
required
object (ActionsByResourceType)

Responses

Request samples

Content type
application/json
{
  • "company_id": "55d5d8c7-736c-4173-9519-8510fc41a963",
  • "environment": "test",
  • "id": "admin",
  • "parent_roles": [
    ],
  • "actions_by_resource_type": {
    }
}

list roles

Responses

Resource Template

Resource templates are types of resource that can be accessed. When creating Resource Templates, you must also specify the potential actions that can be taken on them (read, write, comment, push, pull, etc).

Vista allows defining fine-grain permissions to particular resource objects - these objects are recorded in the system when granting permissions to that resource.

create resource type

Request Body schema: application/json
company_id
required
string
environment
required
string
name
required
string
foreign_keys
required
Array of strings
attributes
required
Array of strings
actions
required
Array of strings

Responses

Request samples

Content type
application/json
{
  • "company_id": "92750316-605a-4353-928c-c27690423367",
  • "environment": "test",
  • "name": "document",
  • "foreign_keys": [ ],
  • "attributes": [ ],
  • "actions": [
    ]
}

list resource types

Responses

Users

Users represent the end user - they are allowed to perform actions on resources specified either when creating the user, or at a later time.

Users can also be assigned to Usersets, in which case they also inherit the permissions granted to the specified userset.

The API allows you to then check if that user can perform the specified action, on the specified resource.

assign userset to user

Request Body schema: application/json
company_id
required
string
environment
required
string
user_id
required
string
userset_id
required
string

Responses

Request samples

Content type
application/json
{
  • "company_id": "55d5d8c7-736c-4173-9519-8510fc41a963",
  • "environment": "test",
  • "user_id": "sid",
  • "userset_id": "group_admins"
}

create user

Request Body schema: application/json
company_id
required
string
environment
required
string
id
required
string
name
required
string

Responses

Request samples

Content type
application/json
{
  • "company_id": "92750316-605a-4353-928c-c27690423367",
  • "environment": "test",
  • "id": "sid",
  • "name": "sid"
}

check access for user

Responses

grant access to user

Request Body schema: application/json
user_id
required
string
action
required
string
resource_id
required
string
resource_type
required
string
company_id
required
string
environment
required
string

Responses

Request samples

Content type
application/json
{
  • "user_id": "sid",
  • "action": "write",
  • "resource_id": "document1",
  • "resource_type": "document",
  • "company_id": "92750316-605a-4353-928c-c27690423367",
  • "environment": "test"
}

create grant

Request Body schema: application/json
role_name
required
string
action
required
string
resource_id
required
string
resource_type
required
string
company_id
required
string
environment
required
string

Responses

Request samples

Content type
application/json
{
  • "role_name": "admin2",
  • "action": "write",
  • "resource_id": "some_document1",
  • "resource_type": "document",
  • "company_id": "e2df5f3c-8f3c-4eec-8783-8df7d7b750b9",
  • "environment": "test"
}

Usersets

A userset is a group that can be granted actions to specific resources - the actions and resources can be set either while creating the userset, or at a later time as well.

A userset can also be created from a Role template, in which case it is restricted to the actions and Resource type specified on the Role. These restrictions are a superset of the <action, resource> pairs specified on the role - you must specify which ones to grant.

grant access to usersets

Request Body schema: application/json
userset_id
required
string
action
required
string
resource_id
required
string
resource_type
required
string
company_id
required
string
environment
required
string

Responses

Request samples

Content type
application/json
{
  • "userset_id": "sid",
  • "action": "write",
  • "resource_id": "document1",
  • "resource_type": "document",
  • "company_id": "55d5d8c7-736c-4173-9519-8510fc41a963",
  • "environment": "test"
}

create usersets

Request Body schema: application/json
userset_name
required
string
id
required
string
required
object (ResourceObjects)
required
object (ParentUsersets)
company_id
required
string
environment
required
string

Responses

Request samples

Content type
application/json
{
  • "userset_name": "group_readers",
  • "id": "reader",
  • "resource_objects": {
    },
  • "parent_usersets": {
    },
  • "company_id": "55d5d8c7-736c-4173-9519-8510fc41a963",
  • "environment": "test"
}

Admin

create environment

Request Body schema: application/json
company_id
required
string
environment
required
string

Responses

Request samples

Content type
application/json
{
  • "company_id": "e2df5f3c-8f3c-4eec-8783-8df7d7b750b9",
  • "environment": "test"
}

api login

Request Body schema: application/json
secret_key
required
string

Responses

Request samples

Content type
application/json
{
  • "secret_key": ""
}