5.9 KiB
Permission URL
The permission URL, or target URI, refers to the specific endpoint or resource that is being granted permission to perform certain actions.
- PG: [process_group_identifier]: Applies to the specified process group, including all sub process groups and process models.
- PM: [process_model_identifier]: Applies to the specified process model.
- BASIC: Allows basic access to complete tasks and use the site.
- SUPPORT: BASIC permissions and add significant administrative permissions.
- ELEVATED: Includes SUPPORT permissions and adds the ability to view and modify secrets. Does not include the ability to view or modify process groups and process models.
- ALL: Grants access to all API endpoints, with no limitations.
An asterisk (*) can be used as a wildcard to give access to everything within a specific category. For example, `/process-models/*`, allows access to all resources related to process models.
This functionality is implemented in authorization service.py.
(pg)=
PG
Process Groups permissions controls access rights granted to users or entities within the given process group.
(pm)=
PM
These permissions relate to process models, and assigns permissions and access rights to users or entities specifically within a given process model.
BASIC
These permissions cover basic actions such as signing in to the site and completing tasks that are assigned to you.
SUPPORT
These permissions are significant, allowing support personnel to debug process instances and take corrective action when errors occur. In typical scenarios, a user with SUPPORT permissions would also be assigned access to view or modify process groups and models. See PG and PM.
ELEVATED
A user with elevated permissions can do anything on the site except interact with process models. In typical scenarios, a user with ELEVATED permissions would also be assigned access to view or modify process groups and models.
ALL
The "ALL" permission grants unrestricted access to all API endpoints. It provides administrator-level permissions, allowing the user to perform any action or operation available within the system.
ALL URLs
% use bash syntax here to avoid syntax highlighting. otherwise it gets highlighted as if it's python
/active-users/unregister/{last_visited_identifier}:
/active-users/updates/{last_visited_identifier}:
/authentication_callback/{service}/{auth_method}:
/authentications:
/connector-proxy/typeahead/{category}:
/debug/test-raise-error:
/debug/version-info:
/event-error-details/{modified_process_model_identifier}/{process_instance_id}/{process_instance_event_id}:
/github-webhook-receive:
/login:
/login_api:
/login_api_return:
/login_return:
/login_with_access_token:
/logout:
/logout_return:
/logs/typeahead-filter-values/{modified_process_model_identifier}/{process_instance_id}:
/logs/{modified_process_model_identifier}/{process_instance_id}:
/messages/{message_name}:
/messages:
/permissions-check:
/process-data-file-download/{modified_process_model_identifier}/{process_instance_id}/{process_data_identifier}:
/process-data/{modified_process_model_identifier}/{process_instance_id}/{process_data_identifier}:
/process-groups/{modified_process_group_identifier}/move:
/process-groups/{modified_process_group_id}:
/process-groups:
/process-instance-reset/{modified_process_model_identifier}/{process_instance_id}/{to_task_guid}:
/process-instance-resume/{modified_process_model_identifier}/{process_instance_id}:
/process-instance-suspend/{modified_process_model_identifier}/{process_instance_id}:
/process-instance-terminate/{modified_process_model_identifier}/{process_instance_id}:
/process-instances/find-by-id/{process_instance_id}:
/process-instances/for-me/{modified_process_model_identifier}/{process_instance_id}/task-info:
/process-instances/for-me/{modified_process_model_identifier}/{process_instance_id}:
/process-instances/for-me:
/process-instances/report-metadata:
/process-instances/reports/columns:
/process-instances/reports/{report_id}:
/process-instances/reports:
/process-instances/{modified_process_model_identifier}/{process_instance_id}/run:
/process-instances/{modified_process_model_identifier}/{process_instance_id}/task-info:
/process-instances/{modified_process_model_identifier}/{process_instance_id}:
/process-instances/{modified_process_model_identifier}:
/process-instances:
/process-model-natural-language/{modified_process_group_id}:
/process-model-publish/{modified_process_model_identifier}:
/process-model-tests/{modified_process_model_identifier}:
/process-models/{modified_process_group_id}:
/process-models/{modified_process_model_identifier}/files/{file_name}:
/process-models/{modified_process_model_identifier}/files:
/process-models/{modified_process_model_identifier}/move:
/process-models/{modified_process_model_identifier}/script-unit-tests/run:
/process-models/{modified_process_model_identifier}/script-unit-tests:
/process-models/{modified_process_model_identifier}:
/process-models:
/processes/callers/{bpmn_process_identifiers}:
/processes:
/secrets/{key}:
/secrets:
/send-event/{modified_process_model_identifier}/{process_instance_id}:
/service-tasks:
/status:
/task-complete/{modified_process_model_identifier}/{process_instance_id}/{task_guid}:
/task-data/{modified_process_model_identifier}/{process_instance_id}/{task_guid}:
/tasks/for-me:
/tasks/for-my-groups:
/tasks/for-my-open-processes:
/tasks/{process_instance_id}/send-user-signal-event:
/tasks/{process_instance_id}/{task_guid}/save-draft:
/tasks/{process_instance_id}/{task_guid}:
/tasks/{process_instance_id}:
/tasks:
/user-groups/for-current-user:
/users/exists/by-username:
/users/search: