import cherrypy
-from . import ApiController, RESTController, UiApiController,\
- CreatePermission
from .. import mgr
-from ..exceptions import RoleDoesNotExist, DashboardException,\
- RoleIsAssociatedWithUser, RoleAlreadyExists
-from ..security import Scope as SecurityScope, Permission
+from ..exceptions import DashboardException, RoleAlreadyExists, \
+ RoleDoesNotExist, RoleIsAssociatedWithUser
+from ..security import Permission
+from ..security import Scope as SecurityScope
from ..services.access_control import SYSTEM_ROLES
+from . import ApiController, ControllerDoc, CreatePermission, EndpointDoc, \
+ RESTController, UiApiController
+
+ROLE_SCHEMA = [{
+ "name": (str, "Role Name"),
+ "description": (str, "Role Descriptions"),
+ "scopes_permissions": ({
+ "cephfs": ([str], "")
+ }, ""),
+ "system": (bool, "")
+}]
@ApiController('/role', SecurityScope.USER)
+@ControllerDoc("Role Management API", "Role")
class Role(RESTController):
@staticmethod
def _role_to_dict(role):
if permissions:
role.set_scope_permissions(scope, permissions)
+ @EndpointDoc("Display Role list",
+ responses={200: ROLE_SCHEMA})
def list(self):
# type: () -> list
roles = dict(mgr.ACCESS_CTRL_DB.roles)