Accessing NoSQL collections
| Line 1: | Line 1: | ||
| − | + | === Tutorial === | |
Setting up role-based access to NoSQL collections. | Setting up role-based access to NoSQL collections. | ||
| − | + | === Background === | |
Roles govern HTTP access to the REST API endpoints in DreamFactory. When you [set up a NoSQL database] in the 'Services' tab, no collections are accessible by default (unless you are a DreamFactory Admin). | Roles govern HTTP access to the REST API endpoints in DreamFactory. When you [set up a NoSQL database] in the 'Services' tab, no collections are accessible by default (unless you are a DreamFactory Admin). | ||
| Line 9: | Line 9: | ||
You can give access to specific NoSQL collections by following the examples below. | You can give access to specific NoSQL collections by following the examples below. | ||
| − | + | === Example - Enable HTTP access to NoSQL collections for a role === | |
1. Log into the DreamFactory admin console as an Admin. | 1. Log into the DreamFactory admin console as an Admin. | ||
| Line 21: | Line 21: | ||
[[File:Roles-nosql.png|1000px]] | [[File:Roles-nosql.png|1000px]] | ||
| − | + | === Example - Creating and updating role permissions with the REST API === | |
You can create and update role permissions directly with the API. Click on 'API Docs' in the DreamFactory Admin Console and view the '/system/role' API calls. <br> | You can create and update role permissions directly with the API. Click on 'API Docs' in the DreamFactory Admin Console and view the '/system/role' API calls. <br> | ||
Revision as of 18:15, 3 February 2016
Contents
Tutorial
Setting up role-based access to NoSQL collections.
Background
Roles govern HTTP access to the REST API endpoints in DreamFactory. When you [set up a NoSQL database] in the 'Services' tab, no collections are accessible by default (unless you are a DreamFactory Admin).
You can give access to specific NoSQL collections by following the examples below.
Example - Enable HTTP access to NoSQL collections for a role
1. Log into the DreamFactory admin console as an Admin.
2. Click on 'Roles' > 'Create'.
3. In the 'Access' tab, select your NoSQL database API for 'Service', the collection name for 'Component', HTTP verbs for 'Access', and API for 'Requestor'. Repeat for each collection you are exposing to this role.
Note: You can also allow script-only access to collections. This allows you to grant access to a collection by server-side scripts invoked by the API call, while not exposing direct access to the collection by the API.
Example - Creating and updating role permissions with the REST API
You can create and update role permissions directly with the API. Click on 'API Docs' in the DreamFactory Admin Console and view the '/system/role' API calls.
For example, the POST below to the /system/role API will create a role called 'ios-address-book' with full HTTP API access to the contact collection and the account collection.
{
"resource": [
{
"name": "ios-address-book",
"description": "Role for users accessing the iOS address book app",
"is_active": true,
"role_service_access_by_role_id": [
{
"service_id": 8,
"component": "_table/contact",
"verb_mask": 31,
"requestor_mask": 1
},
{
"service_id": 8,
"component": "_table/account",
"verb_mask": 31,
"requestor_mask": 1
}
]
}
]
}
