Feature #981

Return user assigned roles via json API

Added by Corey Osman about 11 years ago. Updated over 9 years ago.

Target version:
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:


I need a way to check if a user has permissions to perform actions on foreman before executing those actions via the api. I would like to see some json code return that details what the user has access to.

Associated revisions

Revision d076d573 (diff)
Added by Joseph Magen over 9 years ago

This commit adds most of the functionality required for API v1

The overall goal was to extract the existing JSON response
overall controllers, and to move them to a seperate name space.

  • documentation was added to all requests (available under /apidoc)
    this include same request and response generated using
    APIPIE_RECORD=examples rake test:api
  • Also Fixes #1800, fixes #1419, fixes #981 and fixes #1774

whats missing:

1. Permissions checks for all new controllers
2. Nested routes (e.g. /hosts/id/reports)
3. running tests with oauth/basic_auth (instead of as_admin {get /})


#1 Updated by Ohad Levy about 11 years ago

You could always try to execute those commands and get a access denied 403 error?

What you are asking is basically allowed_to method over the api (something like a dry run?)

#2 Updated by Corey Osman about 11 years ago

I am currently just handling access denied. However, in the future it would be nice to let the user know what they are allowed to do pertaining to my mobile app. This would be used as a precheck to determine what the user can't do so I can disable features.

#3 Updated by Ohad Levy almost 11 years ago

  • Target version deleted (0.4)

#4 Updated by Joseph Magen over 9 years ago

  • Status changed from New to Ready For Testing
  • Target version set to Bug scrub

#5 Updated by Anonymous over 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF