Grant Permissions
1. API Overview
Use this API to grant permissions on a resource to other users in batches. Supported resources include tenants, datasets, metrics, dimensions, metric views, metric categories, dataset categories, result acceleration categories, data sources, databases, and data source tables. If an authorized user already has a permission record, the permission role is upgraded when applicable. Downgrades are ignored.
2. API Endpoint
POST Http://{anymetrics_host:anymetrics_port}/anymetrics/api/v1/authority/grant
For how to obtain anymetrics_host:anymetrics_port, see Calling APIs.
3. Request Parameters
3.1 Common Request Parameters (HEADERS)
| Parameter | Type | Required | Max Length | Description |
|---|---|---|---|---|
| tenant-id | String | Yes | 32 | Current tenant ID |
| auth-type | String | Yes | 32 | Authentication type. Supported values: UID, TOKEN, ACCOUNT, and APIKEY |
| auth-value | String | Yes | 32 | The authentication value that corresponds to auth-type |
3.2.1 How to Obtain Common Parameters
To obtain tenant-id, select a metric application in the top navigation bar of Aloudata CAN, choose API Integration from the left-side menu, and copy it from the API Integration page. Set auth-value to the authentication value that corresponds to the selected auth-type.
3.2 Request Parameters
| Parameter | Type | Required | Description | Example Value |
|---|---|---|---|---|
| authorizedEntities | List |
Yes | List of userId values for users or user groups to authorize |
["336178570944581632"] |
| resources | [Object] | Yes | Batch resources. All resources must use the same resourceType. |
[resource] |
| authorityRole | String | Yes | Permission role to grant. For details, see AuthorityRoleEnum. |
ADMIN |
| expiredTime | Long | No | Expiration time, in days | 10 |
3.2.1 authorizedEntities
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| ids | [String] | Yes | Authorized entity identifiers | ["11223"] |
| authorizedEntityType | String | Yes | Authorized entity type | USER, USER_GROUP |
| idType | String | Yes | Authorized entity ID type | User: USER_ACCOUNT, USER_ID; user group: USER_GROUP_ID, USER_GROUP_CODE |
3.2.3 AuthorityRoleEnum
| Parameter | Description |
|---|---|
| AuthorityRoleEnum | Enum values: OWNER, ADMIN, USAGER, and CREATOR. OWNER cannot be granted directly and can grant ADMIN and USAGER; ADMIN is an administrator and can grant USAGER; USAGER can use the resource; CREATOR can create resources. |
3.2.4 resource
| Parameter | Type | Required | Max Length | Description |
|---|---|---|---|---|
| resourceType | ResourceTypeEnum | Yes | Resource type to authorize. Enum values: - TENANT: tenant- VIEW: metric view- DATASET: dataset- METRIC: metric- DIMENSION: dimension- CATEGORY_METRIC: metric category- CATEGORY_DATASET: dataset category- CATEGORY_RESULT_PLAN: result acceleration category- DATASOURCE: data source- DATABASE: data source database- TABLE: data source table |
|
| resourceId | String | Yes | Resource ID. For TENANT, use the tenant ID, for example tn_12345. For DATASET, use the dataset name, for example order. For METRIC, use the metric code, for example uv_7day. For DIMENSION, use the dimension code, for example dmfa48e4cb69c60912210bc5162ff324. For VIEW, use the metric view name, for example order_view. For CATEGORY_METRIC, use the metric category name. For CATEGORY_DATASET, use the dataset category name. For CATEGORY_RESULT_PLAN, use the result acceleration category name. For DATASOURCE, use the data source, for example default_catalog. For DATABASE, use the data source database, for example aloudata_datasource.. For TABLE, use the data source table, for example aloudata_datasource.. |
3.3 Resource Permission Points
| Type | Role | Description |
|---|---|---|
| TENANT | OWNER | Includes tenant grant, revoke, edit, and permissions to create and use datasets, metrics, and metric views |
| ADMIN | Includes tenant grant, revoke, edit, and permissions to create and use datasets, metrics, and metric views | |
| USAGER | Includes tenant usage permission | |
| DATASET | OWNER | Includes dataset grant, revoke, delete, edit, and use permissions |
| ADMIN | Includes dataset grant, revoke, edit, and use permissions | |
| USAGER | Includes dataset use permission | |
| METRIC | OWNER | Includes metric grant, revoke, delete, edit, and use permissions |
| ADMIN | Includes metric grant, revoke, edit, and use permissions | |
| USAGER | Includes metric use permission | |
| DIMENSION | OWNER | Includes dimension grant, revoke, delete, edit, and use permissions |
| ADMIN | Includes dimension grant, revoke, edit, and use permissions | |
| USAGER | Includes dimension use permission | |
| ANALYSIS_VIEW | OWNER | Includes metric view grant, revoke, delete, edit, and use permissions |
| ADMIN | Includes metric view grant, revoke, edit, and use permissions | |
| USAGER | Includes metric view use permission | |
| CATEGORY_METRIC | OWNER | Includes metric category grant, revoke, delete, edit, use, and permission to create metrics under the category |
| ADMIN | Includes metric category grant, revoke, edit, use, and permission to create metrics under the category | |
| USAGER | Includes metric category use permission | |
| CREATOR | Includes permission to create metrics under the metric category | |
| CATEGORY_DATASET | OWNER | Includes dataset category grant, revoke, delete, edit, use, and permission to create datasets under the category |
| ADMIN | Includes dataset category grant, revoke, edit, use, and permission to create datasets under the category | |
| USAGER | Includes dataset category use permission | |
| CREATOR | Includes permission to create datasets under the dataset category | |
| CATEGORY_RESULT_PLAN | OWNER | Includes result acceleration category grant, revoke, delete, edit, use, and permission to create result accelerations under the category |
| ADMIN | Includes result acceleration category grant, revoke, edit, and use permissions | |
| USAGER | Includes result acceleration category use permission | |
| CREATOR | Includes permission to create result accelerations under the category | |
| DATASOURCE | OWNER | Includes data source grant, revoke, and use permissions |
| ADMIN | Includes data source grant, revoke, and use permissions | |
| USAGER | Includes data source use permission | |
| DATABASE | OWNER | Includes database grant, revoke, and use permissions |
| ADMIN | Includes database grant, revoke, and use permissions | |
| USAGER | Includes database use permission | |
| TABLE | OWNER | Includes data source table grant, revoke, and use permissions |
| ADMIN | Includes data source table grant, revoke, and use permissions | |
| USAGER | Includes data source table use permission |
4. Response Parameters
| Parameter | Type | Required | Max Length | Description | Example Value |
|---|---|---|---|---|---|
| code | String | Yes | 32 | API response code | 200 |
| success | boolean | Yes | Whether the request succeeded | true | |
| errorMsg | String | Yes | 512 | Error message | null |
| detailErrorMsg | String | Yes | Detailed error message | null | |
| traceId | String | Yes | 128 | Trace ID | 343f9ff2dcd70.292.16857691758642861 |
| data | Boolean | Yes | Whether the grant operation succeeded | true |
5. Request Example
Grant a User the Administrator (ADMIN) Permission on a Tenant
- Request
{
"authorizedEntities": {
"ids": [
"648550115602075648"
],
"authorizedEntityType": "USER",
"idType": "USER_ID"
},
"authorityRole":"ADMIN",
"resource": {
"resourceType": "METRIC",
"resourceId": "mc72e6349d495d4400b7b0590e65ff30"
}
}
- Response