Enabling script access
From DreamFactory
(Created page with "### Tutorial Setting up role-based access to server-side event scripts. ### Background Roles govern HTTP access to the REST API endpoints in DreamFactory as well as server-...") |
|||
| (2 intermediate revisions by one other user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | === Tutorial === | |
Setting up role-based access to server-side event scripts. | Setting up role-based access to server-side event scripts. | ||
| − | + | === Background === | |
Roles govern HTTP access to the REST API endpoints in DreamFactory as well as server-side event scripts. Server-side event scripts are programs that execute when an API event fires (either an API request or an API response). When you implement server-side scripts in the 'Scripts' tab, no scripts are accessible by default (unless you are a DreamFactory Admin). | Roles govern HTTP access to the REST API endpoints in DreamFactory as well as server-side event scripts. Server-side event scripts are programs that execute when an API event fires (either an API request or an API response). When you implement server-side scripts in the 'Scripts' tab, no scripts are accessible by default (unless you are a DreamFactory Admin). | ||
| Line 9: | Line 9: | ||
You can give access to specific event scripts by following the examples below. | You can give access to specific event scripts by following the examples below. | ||
| − | + | === Example - Enable HTTP access to both the API and event scripts for a role. === | |
| − | 1. Log into the DreamFactory admin console as an Admin. | + | :1. Log into the DreamFactory admin console as an Admin. |
| − | 2. Click on 'Roles' > 'Create'. | + | :2. Click on 'Roles' > 'Create'. |
| − | 3. In the 'Access' tab, select your SQL database API for 'Service', the table name for 'Component', HTTP verbs for 'Access', and API for 'Requestor'. Repeat for each table you are exposing to this role. <br><br> | + | :3. In the 'Access' tab, select your SQL database API for 'Service', the table name for 'Component', HTTP verbs for 'Access', and both API and Script for 'Requestor'. Repeat for each table and script you are exposing to this role. <br><br> |
| − | + | In this example, we've exposed API access to the Contact table itself and also allowed event scripts to run for API calls to the Contact table. | |
<br> | <br> | ||
| − | [[File:Roles- | + | [[File:Roles-api-plus-script.png|1000px]] |
| − | + | === Example - Enable HTTP access to only event scripts for a role. === | |
| − | + | :1. Log into the DreamFactory admin console as an Admin. | |
| + | :2. Click on 'Roles' > 'Create'. | ||
| + | :3. In the 'Access' tab, select your SQL database API for 'Service', the table name for 'Component', HTTP verbs for 'Access', and Script for 'Requestor'. Repeat for each table and script you are exposing to this role. <br><br> | ||
| − | [[File: | + | In this example, we've not exposed API access to the Contact table itself but have allowed event scripts to run for API calls to the Contact table. |
| + | |||
| + | <br> | ||
| + | |||
| + | [[File:Roles-script.png|1000px]] | ||
Latest revision as of 18:24, 3 February 2016
Contents
Tutorial
Setting up role-based access to server-side event scripts.
Background
Roles govern HTTP access to the REST API endpoints in DreamFactory as well as server-side event scripts. Server-side event scripts are programs that execute when an API event fires (either an API request or an API response). When you implement server-side scripts in the 'Scripts' tab, no scripts are accessible by default (unless you are a DreamFactory Admin).
You can give access to specific event scripts by following the examples below.
Example - Enable HTTP access to both the API and event scripts for a role.
- 1. Log into the DreamFactory admin console as an Admin.
- 2. Click on 'Roles' > 'Create'.
- 3. In the 'Access' tab, select your SQL database API for 'Service', the table name for 'Component', HTTP verbs for 'Access', and both API and Script for 'Requestor'. Repeat for each table and script you are exposing to this role.
In this example, we've exposed API access to the Contact table itself and also allowed event scripts to run for API calls to the Contact table.
Example - Enable HTTP access to only event scripts for a role.
- 1. Log into the DreamFactory admin console as an Admin.
- 2. Click on 'Roles' > 'Create'.
- 3. In the 'Access' tab, select your SQL database API for 'Service', the table name for 'Component', HTTP verbs for 'Access', and Script for 'Requestor'. Repeat for each table and script you are exposing to this role.
In this example, we've not exposed API access to the Contact table itself but have allowed event scripts to run for API calls to the Contact table.
