openstack/trove
Code Issues Proposed changes
da998aeddc
trove/api-ref/source/user-management.inc
Zhao Chao d597bb4714 Return 204 instead of 200 for root-disable API 
As no content will be returned to the client if a root-disable request
succeeds, a HTTP 204 (Not Content) response is more appropriate.

Redis root-disable scenario test fails because it's return HTTP 204, but
all API related tests are expecting a HTTP 200. Although changing Redis
root-disable API is a much simpler way to resolve the problem, migrating
from HTTP 200 to HTTP 204 should be a better solution. Related tests and
documents are also updated accordingly.

APIImpact

Change-Id: If732a578009fd35436e810fb7ceceefd1ada3778
Signed-off-by: Zhao Chao <zhaochao1984@gmail.com>
2018-03-02 20:57:23 +08:00

304 lines
10 KiB
ReStructuredText
Raw Blame History

.. -*- rst -*-
=============
Users (users)
=============
Creates, lists all, and deletes users.
Enable root user
~~~~~~~~~~~~~~~~
.. rest_method:: POST /v1.0/{accountId}/instances/{instanceId}/root
Enables the root user for a database instance and returns the root password.
This operation generates a root password for the root user and
enables the root user to log in from any host.
Changes that you make as a root user can impact the database instance
and API operations in unpredictable and detrimental ways. When you
enable the root user, you accept the possibility that we cannot
support your database instance. We might not be able to assist you if
you change core database settings. These changes can be, but are not
limited to, turning off bin logs, removing users that we use to access
your instance, and so on.
Normal response codes: 200
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
Response Example
----------------
.. literalinclude:: samples/db-enable-root-user-response.json
:language: javascript
Show root-enabled status for database instance
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. rest_method:: GET /v1.0/{accountId}/instances/{instanceId}/root
Shows root-enabled status for a database instance.
Returns ``true`` if root user is enabled for a database instance.
Otherwise, returns ``false``.
Normal response codes: 200
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
Response Example
----------------
.. literalinclude:: samples/db-check-root-user-response.json
:language: javascript
Disable root user
~~~~~~~~~~~~~~~~~
.. rest_method:: DELETE /v1.0/{accountId}/instances/{instanceId}/root
Disables the root user.
Normal response codes: 204
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
Delete user
~~~~~~~~~~~
.. rest_method:: DELETE /v1.0/{accountId}/instances/{instanceId}/users/{name}
Deletes a user for a database instance.
Normal response codes: 202
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
- name: user_name
Create user
~~~~~~~~~~~
.. rest_method:: POST /v1.0/{accountId}/instances/{instanceId}/users
Creates a user for a database instance.
Asynchronously provisions a new user for the database instance by
using the configuration that you define in the request object.
After the API validates the request and starts progress on the
provisioning process, the call returns the ``Accepted (202)``
response code.
If the API cannot fulfill the corresponding request due to
insufficient data or data that is not valid, the API returns the
``Bad Request (400)`` response code with information about the
nature of the failure. You cannot recover from validation errors.
You must correct the cause of the failure and the request again.
This table lists the required attributes for creating users:
**Required attributes for user**
+-----------------+------+------------------------------------+----------+
| Applies to | Name | Description | Required |
+-----------------+------+------------------------------------+----------+
| User | name | Name of the user for the database. | Yes |
+-----------------+------+------------------------------------+----------+
| password | | User password for database access. | Yes |
+-----------------+------+-------------------------+----------+----------+
| (database) name | | Name of the database(s) that the | |
| | | user can access. You can specify | No |
| | | one or more database names. | |
+-----------------+------+------------------------------------+----------+
Name of the database that the user can access. You can specify one or more
database names.
**Notes**
- The operation grants the user all privileges on the databases.
- Do not use the ``root`` user name, which is reserved.
These tables list the valid characters for database names, user
names, and passwords.
**Valid characters in database name, user name, and password**
+---------------------------------------------------------------------------------------------------------------------------------+
| Character |
+---------------------------------------------------------------------------------------------------------------------------------+
| Letters (upper and lower cases allowed) |
+---------------------------------------------------------------------------------------------------------------------------------+
| Numbers |
+---------------------------------------------------------------------------------------------------------------------------------+
| ``@``, ``?``, ``#``, and spaces are allowed, but **not** at the beginning and end of the database name, user name, and password |
+---------------------------------------------------------------------------------------------------------------------------------+
| ``_`` is allowed anywhere in the database name, user name, and password |
+---------------------------------------------------------------------------------------------------------------------------------+
**Characters that are not allowed in database name, user name, and password**
+---------------------------------------------------------+
| Character |
+---------------------------------------------------------+
| Single quotes |
+---------------------------------------------------------+
| Double quotes |
+---------------------------------------------------------+
| Back quotes |
+---------------------------------------------------------+
| Semicolons |
+---------------------------------------------------------+
| Commas |
+---------------------------------------------------------+
| Back slashes |
+---------------------------------------------------------+
| Forward slashes |
+---------------------------------------------------------+
| Spaces at the front or end of the user name or password |
+---------------------------------------------------------+
**Length restrictions for database name, user name, and password**
+------------------------------+-----------------------------+
| Restriction | Value |
+------------------------------+-----------------------------+
| Database name maximum length | 64 |
+------------------------------+-----------------------------+
| User name maximum length | 16 |
+------------------------------+-----------------------------+
| Password maximum length | unlimited (no restrictions) |
+------------------------------+-----------------------------+
Normal response codes: 202
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
Request Example
---------------
.. literalinclude:: samples/db-create-users-request.json
:language: javascript
List database instance users
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.. rest_method:: GET /v1.0/{accountId}/instances/{instanceId}/users
Lists the users in a database instance and the associated databases for that
user.
This operation does not return system users. A system user is a
database administrator who administers the health of the database.
Also, this operation returns the ``root`` user only if it is
enabled.
The following notes apply to MySQL users:
- User names can be up to 16 characters long.
- When you create accounts with INSERT, you must use FLUSH
PRIVILEGES to tell the server to reload the grant tables.
- For additional information, See:
`http://dev.mysql.com/doc/refman/5.1/en/user-account-
management.html <http://dev.mysql.com/doc/refman/5.1/en/user-
account-management.html>`_
Normal response codes: 200
Error response codes: badRequest(400), unauthorized(401), forbidden(403),
itemNotFound(404), badMethod(405), overLimit(413), unprocessableEntity(422),
instanceFault(500), notImplemented(501), serviceUnavailable(503)
Request
-------
.. rest_parameters:: parameters.yaml
- instanceId: instanceId
- accountId: accountId
Response Example
----------------
.. literalinclude:: samples/db-list-users-response.json
:language: javascript
View Git Blame Copy Permalink