User role restriction (userrestrictrole)

The userrestrictrole model is an internal data model used to define the CRUD rights for an Alignak backend user.

This allows to defined, for a user and a given realm, the create, read, update, and delete rights on each backend endpoint.

../_images/userrestrictrole.png
Properties
Property Type Required Default Relation
Right
list   [‘read’]  
realm
Concerned realm
objectid True   realm
Concerned resource
string  
 
schema_version
integer   1  
Sub-realms
boolean   False  
user
Concerned user
objectid True   user

crud: User’s right for the concerned resource in the concerned realm. Use * if all resources are concerned.

Allowed values: [‘create’, ‘read’, ‘update’, ‘delete’, ‘custom’]

resource: Resource concerned with the right

Allowed values: [‘*’, ‘actionacknowledge’, ‘actiondowntime’, ‘actionforcecheck’, ‘alignak’, ‘alignakdaemon’, ‘realm’, ‘command’, ‘timeperiod’, ‘user’, ‘usergroup’, ‘userrestrictrole’, ‘host’, ‘hostgroup’, ‘hostdependency’, ‘hostescalation’, ‘service’, ‘servicegroup’, ‘servicedependency’, ‘serviceescalation’, ‘grafana’, ‘graphite’, ‘influxdb’, ‘statsd’, ‘timeseriesretention’, ‘aligank_notifications’, ‘livesynthesis’, ‘livesynthesisretention’, ‘logcheckresult’, ‘history’]

sub_realm: Is this right applicable to the sub-realms of the realm?