openstack/manila
Code Issues Proposed changes
fab04b5751
manila/api-ref/source/share-access-rules.inc
silvacarloss 0f82690ddd Allow restricting access rules fields and deletion 
Access rules rules allow API will now take three additional
parameters:

- lock_visibility: when True, only services, administrators and
  the same user will be able to see the content of ``access_to`` and
  access_key.

- lock_deletion: when True, the access rule will be locked for
  deletion. Only services, administrators or the user that placed
  the lock will be able to drop the access rule.

- lock_reason: a reason for the lock. This parameter should only
  be provided in the presence of at least one of the former
  parameters.

In order to delete an access rule that is currently locked, the
requester will need to specify ``unrestrict=True`` in the request.

In case a service placed the restrictions, only the own service or
the system administrator will be able to release it.

This change also implements filters to the access list API. It is
now possible to filter access rules based on `access_to`,
`access_type`, `access_level` and `access_key`.

DocImpact

Change-Id: Iea422c9d6bc99a81cd88c5f4b7055d6a1cf97fdc
2023-08-24 14:53:06 -03:00

134 lines
2.8 KiB
ReStructuredText
Raw Blame History

.. -*- rst -*-
.. _get-access-rules-after-2-45:
Share access rules (since API v2.45)
====================================
Retrieve details about access rules
.. note::
Starting from API version 2.82, access rule visibility can be restricted
by a project user, or any user with "service" or "admin" roles. When
restricted, the access_to and access_key fields will be redacted to other
users. This redaction applies irrespective of the API version.
Describe share access rule
~~~~~~~~~~~~~~~~~~~~~~~~~~
.. rest_method:: GET /v2/share-access-rules/{access_id}
.. versionadded:: 2.45
Retrieve details about a specified access rule.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
Request
-------
.. rest_parameters:: parameters.yaml
- project_id: project_id_path
- access_id: access_id_path
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- share_id: access_share_id
- created_at: created_at
- updated_at: updated_at
- access_type: access_type
- access_to: access_to
- access_key: access_key_share_access_rules
- state: state
- access_level: access_level
- id: access_rule_id
- metadata: access_metadata
Response example
----------------
.. literalinclude:: samples/share-access-rules-show-response.json
:language: javascript
List share access rules
~~~~~~~~~~~~~~~~~~~~~~~
.. rest_method:: GET /v2/share-access-rules?share_id={share-id}
.. versionadded:: 2.45
Lists the share access rules on a share.
.. note::
This API replaces the older :ref:`List share access rules
<get-access-rules-before-2-45>` API from version 2.45.
.. note::
Starting from API version 2.82, access rule visibility can be restricted
by a project user, or any user with "service" or "admin" roles. When
restricted, the access_to and access_key fields will be redacted to other
users. This redaction applies irrespective of the API version.
Response codes
--------------
.. rest_status_code:: success status.yaml
- 200
.. rest_status_code:: error status.yaml
- 400
- 401
- 403
- 404
- 409
Request
-------
.. rest_parameters:: parameters.yaml
- project_id: project_id_path
- share_id: share_id_access_rules_query
- metadata: metadata
Response parameters
-------------------
.. rest_parameters:: parameters.yaml
- metadata: access_metadata
- access_type: access_type
- access_key: access_key_share_access_rules
- access_to: access_to
- access_level: access_level
- state: state
- access_list: access_list
- id: access_rule_id
- created_at: created_at
- updated_at: updated_at
Response example
----------------
.. literalinclude:: samples/share-access-rules-list-response.json
:language: javascript
View Git Blame Copy Permalink