Hi Meruja,

The Publisher REST APIs for role validation are used to check whether the given
role exists and whether the logged-in user has the given role. Here the role is
taken from the user input. AFAIU the requirement, in this case we need to
check whether the new user has the subscriber role before changing the
application owner. Please correct me if this is wrong.

Since we need to validate whether the user has only a particular role, we
do not need to have roleId in the resource path. Shall we have a resource
name like /user/validate-subscriber-role? WDYT?

Thanks,
Vithursa


On Tue, May 5, 2020 at 9:47 AM Meruja Selvamanikkam <[email protected]> wrote:

> Hi All,
>
> We are planning to add a REST API endpoint to the APIM 3.2.0 Admin REST APIs,
> and the intention is to check the existence of a particular role name
> (Internal/subscriber) when transferring ownership of an application to a
> user. We have a similar API in the publisher to check the availability of
> the role[1].
> We have to decide the OAuth2 scope which functionalities are used by Admin.
>
> The swagger definition for the new endpoint would be as follows:
>
> ######################################################
> # The Role Name Existence
> ######################################################
>   /roles/{roleName}:
> #-----------------------------------------------------
> # The role name existence check resource
> #-----------------------------------------------------
>     head:
>       security:
>         - OAuth2Security:
>             - apim:<To_be_added>
>       summary:
>         Check given role name already exists
>       description:
>         Using this operation, to check whether given role already exists
>       parameters:
>         - $ref : '#/parameters/roleName'
>       responses:
>         200:
>           description:
>             OK.
>             Requested role name is returned.
>         404:
>           description:
>             Not Found.
>             Requested role name does not exist.
>
> ######################################################
> # The Role Name Existence for the logged-in user
> ######################################################
>   /me/roles/{roleName}:
> #-----------------------------------------------------
> # Validate role against a user
> #-----------------------------------------------------
>     head:
>       security:
>         - OAuth2Security:
>             - apim:<To_be_added>
>       summary:
>         Validate whether the logged-in user has the given role
>       description:
>         Using this operation, logged-in user can check whether he has given role.
>       parameters:
>         - $ref : '#/parameters/roleName'
>       responses:
>         200:
>           description:
>             OK.
>             Logged-in user has the role.
>         404:
>           description:
>             Not Found.
>             Logged-in user does not have the role.
>
> Appreciate any feedback on this and correct me if I am wrong.
>
> [1] - [APIM-3.0] Publisher rest API to check a role name existence
>
> Thanks & Regards,
> *S.Meruja* |Software Engineer | WSO2 Inc.
> (m) +94779650506 | Email: [email protected]
> Linkedin:   https://www.linkedin.com/in/meruja
> Medium: https://medium.com/@meruja
> _______________________________________________
> Architecture mailing list
> [email protected]
> https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
>


-- 
*Vithursa Mahendrarajah* | Senior Software Engineer | WSO2 Inc
(m) +94 766 695 643 | (e) [email protected]
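
An added example, not part of either message and not WSO2 code: it models the two proposed HEAD resources next to a fixed-role check on the new owner, to show that neither the role-exists check nor the logged-in-user check says anything about the user who is about to receive the application. The in-memory stores, the function names and the idea that the target username is passed as an argument are assumptions.

```python
from http import HTTPStatus

SUBSCRIBER_ROLE = "Internal/subscriber"  # role name quoted in the thread

# Constructed sample data: roles known to the user store, and roles per user.
ROLES = {"admin", "Internal/subscriber", "Internal/publisher"}
USER_ROLES = {
    "admin": {"admin"},
    "alice": {"Internal/subscriber"},
    "bob": {"Internal/publisher"},
}


def head_role(role_name):
    """HEAD /roles/{roleName}: 200 if the role exists, else 404."""
    return HTTPStatus.OK if role_name in ROLES else HTTPStatus.NOT_FOUND


def head_my_role(logged_in_user, role_name):
    """HEAD /me/roles/{roleName}: 200 if the caller holds the role, else 404."""
    held = USER_ROLES.get(logged_in_user, set())
    return HTTPStatus.OK if role_name in held else HTTPStatus.NOT_FOUND


def validate_subscriber_role(username):
    """Hypothetical fixed-role check: the role is a constant, not user input."""
    held = USER_ROLES.get(username, set())
    return HTTPStatus.OK if SUBSCRIBER_ROLE in held else HTTPStatus.NOT_FOUND


def transfer_owner(app, new_owner):
    """Change the owner only when the NEW owner holds the subscriber role."""
    if validate_subscriber_role(new_owner) != HTTPStatus.OK:
        raise PermissionError(f"{new_owner} lacks {SUBSCRIBER_ROLE}")
    app["owner"] = new_owner
    return app


if __name__ == "__main__":
    # The role exists, and the admin doing the transfer does not hold it;
    # neither answer decides whether bob may become the owner.
    print(head_role(SUBSCRIBER_ROLE), head_my_role("admin", SUBSCRIBER_ROLE))
    print(transfer_owner({"name": "app1", "owner": "admin"}, "alice"))
```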
