Permissions
| Role | Description |
|---|---|
| Administrator | Administrator of the dex platform |
| Pr User | Public relation user. e.g. someone who takes care of the communication for Fontys, these people need to be able to highlight projects and create embeds |
| Registered User | A normal user |
| Guest | Someone who is not logged in |
| Permission | Roles | |||
|---|---|---|---|---|
| Administrator | PrUser (public relations) | RegisteredUser | Guest | |
| EmbedRead | x | x | x | x |
| EmbedWrite | x | x | x | |
| HighlightRead | x | x | x | x |
| HighlightWrite | x | |||
| ProjectWrite | x | x | x | |
| UserWrite | x | x | x | x |
| UserRead | x | x | x | x |
| RoleRead | x | |||
| RoleWrite | x | |||
| HighlightRead | x | x | x | x |
| HighlightWrite | x | |||
| EmbedRead | x | x | x | x |
| EmbedWrite | x | |||
| FileWrite | x | |||
| Endpoint | Required scope | Particulatirity |
|---|---|---|
| GetAllEmbeddedProjects | The user needs scope: EmbedRead to reach the endpoint. | |
| GetEmbeddedProject | ||
| CreateEmbeddedProject | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| DeleteEmbeddedProject | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The endpoint checks if the user is the owner of the embedded project or has Scope: EmbedWrite. |
| GetFilesAsync | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| UploadSingleFile | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| GetSingleFile | ||
| DeleteSingleFile | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The endpoint checks if the user is the owner of the file or has scope: FileWrite |
| GetAllHighlights | ||
| GetHighlight | ||
| GetHighlightsByProjectId | The user needs scope: HighlightRead to reach the endpoint. | |
| CreateHighlight | The user needs scope: HighlightWrite to reach the endpoint. | |
| UpdateHighlight | The user needs scope: HighlightWrite to reach the endpoint. | |
| DeleteHighlight | The user needs scope: HighlightWrite to reach the endpoint. | |
| GetAllProjects | ||
| GetProject | ||
| CreateProjectAsync | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| UpdateProject | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The endpoint checks if the user is the owner of the project and/or the user has scope: ProjectWrite |
| DeleteProject | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The endpoint checks if the user is the owner of the project and/or the user has scope: ProjectWrite |
| GetAllRoles | The user needs scope: RoleRead to reach the endpoint. | |
| GetAllPossibleScopes | The user needs scope: RoleRead to reach the endpoint. | |
| GetRole | The user needs scope: RoleRead to reach the endpoint. | |
| CreateRoleAsync | The user needs scope: RoleWrite to reach the endpoint. | |
| UpdateRole | The user needs scope: RoleWrite to reach the endpoint. | |
| DeleteRole | The user needs scope: RoleWrite to reach the endpoint. | If the user has role: Adminsitrator or RegisteredUser he/she is not authorized. |
| DeleteRole | The user needs scope: RoleWrite to reach the endpoint. | Scopes within Role.RegisteredUser or Role.Administrator can not be deleted. |
| SetRole | The user needs scope: RoleWrite to reach the endpoint. | Scopes within Role.RegisteredUser or Role.Administrator can not be deleted. |
| SearchInternalProjects | ||
| GetCurrentUser | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| GetUser | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | |
| CreateAccountAsync | The user should have scope UserWrite to reach the endpoint | |
| UpdateAccount | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The user should be owner of the account and/or have scope: UserWrite |
| DeleteAccount | The user should be at least registered to reach the endpoint (Role: RegisteredUser) | The user should be owner of the account and/or have scope: UserWrite |
