Tables of Permissions
The following tables display the actions that can perform the users with the specified role. To be specific it displays all endpoints available across KYPO microservices that can be called. Because of that tables are divided based on individual microservices and then divided based on the resource to which they relate. The more detailed description of the endpoints are in the pages in this section.
User and Group Microservice#
Users Endpoints#
| Action | CRUD operation | Guest | User | Administrator |
|---|---|---|---|---|
| Get users | READ | |||
| Get users In groups | READ | |||
| Get user | READ | |||
| Get all users not in given group | READ | |||
| Get roles of user | READ | |||
| Get user info | READ | |||
| Get users with given IDs | READ | |||
| Delete user | DELETE | |||
| Delete users | DELETE |
Groups Endpoints#
| Action | CRUD operation | Guest | User | Administrator |
|---|---|---|---|---|
| Create new group | CREATE | |||
| Get groups | READ | |||
| Get group | READ | |||
| Get roles of group | READ | |||
| Update group | UPDATE | |||
| Remove users | UPDATE | |||
| Assign role to group | UPDATE | |||
| Remove role from group | UPDATE | |||
| Add users | UPDATE | |||
| Delete group | DELETE | |||
| Delete groups | DELETE |
Roles Endpoints#
| Action | CRUD operation | Guest | User | Administrator |
|---|---|---|---|---|
| Get roles | READ | |||
| Get role | READ | |||
| Get users with given role | READ | |||
| Get users with given role type | READ | |||
| Get users with given role type and not with given IDs | READ |
Microservices Endpoints#
| Action | CRUD operation | Guest | User | Administrator |
|---|---|---|---|---|
| Get Microservices | READ | |||
| Register New Microservice | CREATE/UPDATE |
Warning
Registration of a microservice is not secured at all.
Training Microservice#
Linear Training Definitions Endpoints#
Note
The symbol means that action can be performed only by the designer of that particular training definition.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create training definition | CREATE | ||||
| Clone training definition | CREATE | ||||
| Create level | CREATE | ||||
| Find training definition by ID | READ | ||||
| Find all training definitions | READ | ||||
| Find level by ID | READ | ||||
| Get designers | READ | ||||
| Get organizers | READ | ||||
| Get designers not in given training definition | READ | ||||
| Get beta testers | READ | ||||
| Get authors | READ | ||||
| Find all training definitions for organizers | READ | ||||
| Update training definition | UPDATE | ||||
| Swap levels | UPDATE | ||||
| Move level | UPDATE | ||||
| Update multiple levels | UPDATE | ||||
| Update training level | UPDATE | ||||
| Update info level | UPDATE | ||||
| Update assessment level | UPDATE | ||||
| Edit authors | UPDATE | ||||
| Switch state | UPDATE | ||||
| Delete training definition | DELETE | ||||
| Delete one level | DELETE |
Linear Training Instances Endpoints#
Note
The symbol means that action can be performed only by the organizer of that particular training instance.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create training instance | CREATE | ||||
| Find training instance by ID | READ | ||||
| Find all training instances | READ | ||||
| Find all training runs by training instance ID | READ | ||||
| Get organizers of training instance | READ | ||||
| Get organizers not in given training instance | READ | ||||
| Update training instance | UPDATE | ||||
| Assign pool | UPDATE | ||||
| Unassign pool | UPDATE | ||||
| Edit organizers | UPDATE | ||||
| Delete training instance | DELETE |
Linear Training Runs Endpoints#
Note
The symbols:
means that action can be performed only by the trainee of that particular training run.
means that action can be performed only by the organizer of that particular training run.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Access training run | CREATE | ||||
| Is correct answer | CREATE | ||||
| Find training run by ID | READ | ||||
| Find all training runs | READ | ||||
| Get all accessed training runs | READ | ||||
| Get next level | READ | ||||
| Get correct answers of training run | READ | ||||
| Get solution | READ | ||||
| Get hint | READ | ||||
| Resume training run | READ | ||||
| Get participant | READ | ||||
| Finish training run | UPDATE | ||||
| Evaluate responses to assessment | UPDATE | ||||
| Archive training run | UPDATE | ||||
| Delete training runs | DELETE | ||||
| Delete training run | DELETE |
Export & Import Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Import training definition | CREATE | ||||
| Get exported training definition and levels | READ | ||||
| Archive training instance | READ |
Visualizations Endpoints#
Note
The symbols:
means that action can be performed only by the trainee of that particular training run.
means that action can be performed only by the organizer of that particular training instance.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Gather visualization info for training run | READ | ||||
| Gather visualization info for training instance | READ | ||||
| Get clustering visualization dat for organizer | READ | ||||
| Get table visualization dat for organizer | READ | ||||
| Get timeline visualization dat for organizer | READ | ||||
| Get progress visualization dat for organizer | READ | ||||
| Get level tabs visualization dat for organizer | READ | ||||
| Get participants for given training instance | READ | ||||
| Get commands in training run | READ | ||||
| Get clustering visualization data for trainee | READ | ||||
| Get table visualization data for trainee | READ | ||||
| Get timeline visualization data for trainee | READ | ||||
| Get users by IDs | READ |
Adaptive Training Microservice#
Adaptive Training Definitions Endpoints#
Note
The symbol means that action can be performed only by the designer of that particular training definition.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create training definition | CREATE | ||||
| Clone training definition | CREATE | ||||
| Get training definition by ID | READ | ||||
| Get all training definitions | READ | ||||
| Get designers | READ | ||||
| Get organizers | READ | ||||
| Get designers not in given training definition | READ | ||||
| Get authors | READ | ||||
| Find all training definitions for organizers | READ | ||||
| Update training definition | UPDATE | ||||
| Edit authors | UPDATE | ||||
| Switch state | UPDATE | ||||
| Delete training definition | DELETE |
Phases Endpoints#
Note
The symbol means that action can be performed only by the designer of that particular training definition.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create phase | CREATE | ||||
| Get phase by ID | READ | ||||
| Get phases by training definition ID | READ | ||||
| Move phase | UPDATE | ||||
| Update training phase | UPDATE | ||||
| Update info phase | UPDATE | ||||
| Update questionnaire phase | UPDATE | ||||
| Delete phase | DELETE |
Tasks Endpoints#
Note
The symbols:
means that action can be performed only by the designer of that particular training phase.
means that action can be performed only by the designer of that particular task.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create task in phase | CREATE | ||||
| Clone task | CREATE | ||||
| Get task by ID | READ | ||||
| Move task | UPDATE | ||||
| Update task | UPDATE | ||||
| Delete task | DELETE |
Adaptive Training Instances Endpoints#
Note
The symbol means that action can be performed only by the organizer of that particular training instance.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create training instance | CREATE | ||||
| Find training instance by ID | READ | ||||
| Find all training instances | READ | ||||
| Find all training runs by training instance ID | READ | ||||
| Get organizers of training instance | READ | ||||
| Get organizers not in given training instance | READ | ||||
| Update training instance | UPDATE | ||||
| Assign pool | UPDATE | ||||
| Unassign pool | UPDATE | ||||
| Edit organizers | UPDATE | ||||
| Delete training instance | DELETE |
Adaptive Training Runs Endpoints#
Note
The symbols:
means that action can be performed only by the trainee of that particular training run.
means that action can be performed only by the organizer of that particular training run.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Access training run | CREATE | ||||
| Is correct answer | CREATE | ||||
| Get training run by ID | READ | ||||
| Get all training runs | READ | ||||
| Get all accessed training runs | READ | ||||
| Get next phase | READ | ||||
| Get solution | READ | ||||
| Resume training run | READ | ||||
| Get participant | READ | ||||
| Finish training run | UPDATE | ||||
| Evaluate responses to questionnaire | UPDATE | ||||
| Archive training run | UPDATE | ||||
| Delete training runs | DELETE | ||||
| Delete training run | DELETE |
Export & Import Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Import training definition | CREATE | ||||
| Get exported training definition and phases | READ | ||||
| Archive training instance | READ |
Visualizations Endpoints#
Note
The symbols:
means that action can be performed only by the trainee of that particular training run.
means that action can be performed only by the organizer of that particular training run.
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Get Sankey diagram data | READ | ||||
| Get transition graph data for organizer | READ | ||||
| Get transition graph data for trainee | READ |
Sandbox Microservice#
Pools Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create sandbox allocation unit | CREATE | ||||
| Lock given pool | CREATE | ||||
| Create new pool | CREATE | ||||
| Create cleanup requests | CREATE | ||||
| Get a list of Sandbox Allocation Units | READ | ||||
| List locks for given pool | READ | ||||
| List Allocation Request for this pool | READ | ||||
| Get lock of the given pool | READ | ||||
| Retrieve the definition associated with a pool | READ | ||||
| Get a list of pools | READ | ||||
| List Cleanup Request for this pool | READ | ||||
| Get unlocked sandbox in given pool and lock it | READ | ||||
| Get a list of sandboxes in given pool | READ | ||||
| Generate SSH config for User access to this sandbox | READ | ||||
| Retrieve a pool | READ | ||||
| Delete all Sandbox Allocation Units in pool | DELETE | ||||
| Delete given lock | DELETE | ||||
| Delete pool | DELETE |
Cleanup Requests Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Retrieve a Sandbox Provisioning Cleanup stage | READ | ||||
| Retrieve a Sandbox Networking Cleanup stage | READ | ||||
| Retrieve a Sandbox Cleanup Request | READ | ||||
| Retrieve an openstack Cleanup stage | READ | ||||
| Cancel given Cleanup Request | UPDATE |
Cloud Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Get list of images | READ | ||||
| Retrieve a Sandbox Networking Cleanup stage | READ | ||||
| Get the quota set and name of project | READ |
Definitions Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create a new sandbox definition | CREATE | ||||
| Retrieve the definition | READ | ||||
| Retrieve a list of sandbox definitions | READ | ||||
| Retrieve a list of definition refs (branches and tags) | READ | ||||
| Delete the definition | DELETE |
Allocation Requests Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| List sandbox Resources | READ | ||||
| Retrieve a Sandbox Networking Allocation stage | READ | ||||
| Retrieve a list of Ansible Outputs | READ | ||||
| Retrieve a Sandbox Provisioning Allocation stage | READ | ||||
| Retrieve a Sandbox Allocation Request | READ | ||||
| List sandbox Events | READ | ||||
| Retrieve a list of Ansible Outputs | READ | ||||
| Retrieve an openstack allocation stage | READ | ||||
| Cancel given Allocation Request | UPDATE |
Sandbox Allocation Units Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Create cleanup request | CREATE | ||||
| Retrieve a Sandbox Allocation Unit | READ | ||||
| Retrieve a Sandbox Cleanup Request for an Allocation Unit. | READ | ||||
| Retrieve a Sandbox Allocation Request for an Allocation Unit | READ | ||||
| Delete cleanup request | DELETE |
Sandboxes Endpoints#
| Action | CRUD operation | Trainee | Organizer | Designer | Administrator |
|---|---|---|---|---|---|
| Lock given sandbox | CREATE | ||||
| Get Spice consoles urls | READ | ||||
| Get MAN out port IP | READ | ||||
| List locks for given sandbox | READ | ||||
| Get topology data for given sandbox | READ | ||||
| Generate SSH config for User access to this sandbox | READ | ||||
| Get a console for given machine | READ | ||||
| Get lock of given sandbox | READ | ||||
| Retrieve a sandbox | READ | ||||
| Retrieve a VM info | READ | ||||
| Perform specified action on given VM | UPDATE | ||||
| Delete given lock | DELETE |