*(Under Review for V2 - Not Completed Yet)
-API Routes
-JSON Response Samples
-WebApp Routes
Introduction
The User endpoint allows you to manage the users in Open-AudIT.
How Does it Work?
Creating a User Entry
A user entry can be created using the web interface if the current user logged in has a role that contains the user::create permission. Go to menu: Manage -> Users -> Create Users. Also can be created from the Users View, using the "Create" button.
To add a new user to Open-AudIT you have to provide the details of that person, assign the organization, select the relevant Roles (multiple roles can be selected), select if the user is active or not, etc. In addition, you must grand permission to that user to access one or more organisations. It is important to notice that selecting a parent organization will automatically provide access to its children.
View Users Details
Go to menu: Manage-> Users -> List Users.
Database Schema
The schema for the database is below. It can also be found in the application is the user has database::read permission by going to menu: Manage -> Database -> List, then clicking on the "users" table.
Create Table: CREATE TABLE `users` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`name` varchar(200) NOT NULL,
`org_id` int(10) unsigned NOT NULL DEFAULT '1',
`password` varchar(250) NOT NULL,
`full_name` varchar(100) NOT NULL,
`email` varchar(100) NOT NULL,
`roles` text NOT NULL,
`orgs` text NOT NULL,
`lang` enum('de','en','es','fr','pt-br') NOT NULL DEFAULT 'en',
`active` varchar(1) NOT NULL DEFAULT 'y',
`ldap` text NOT NULL,
`edited_by` varchar(200) NOT NULL DEFAULT '',
`edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00',
PRIMARY KEY (`id`),
KEY `user_id_index` (`id`)
) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8;
A typical entry looks as below.
id: 1
name: admin
org_id: 1
password: 0ab0a153e5bbcd80c50a02da8c97f3c87686eb8512f5457d30e328d2d4448c8968e9f4875c2eb61356197b851dd33f90658b20b32139233b217be54d903ca3b6
full_name: Administrator
email: admin@openaudit
roles: ["admin","org_admin"]
orgs: [1]
lang: en
active: y
ldap:
edited_by:
edited_date: 2000-01-01 00:00:00
API / Web Access
You can access the /summaries collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
Access is provided as part of a roles permissions. Summaries is a standard resource and can have create, read, update and delete permissions.
The API routes below are usable from both a JSON Restful API and the web interface. The Web application routes are specifically designed to be called from the web interface (a browser).
API Routes
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes | Example Response |
|---|---|---|---|---|---|---|---|
| POST | n | create | summaries::create | /summaries | Insert a new summaries entry. | ||
| GET | y | read | summaries::read | /summaries/{id} | Returns a summaries details. | ||
| PATCH | y | update | summaries::update | /summaries/{id} | Update an attribute of a summaries entry. | ||
| DELETE | y | delete | summaries::delete | /summaries/{id} | Delete a summaries entry. | ||
| GET | n | collection | summaries::read | /summaries | Returns a list of summaries. | ||
| POST | n | import | import | summaries::create | /summaries/import | Import multiple connections using a CSV. | |
| GET | y | execute | execute | summaries::read | /summaries/2/execute | Execute (run) a summary and show the result. |
Web Application Routes
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
|---|---|---|---|---|---|---|
| GET | n | create | create_form | summaries::create | /summaries/create | Displays a standard web form for submission to POST /summaries. |
| GET | y | update | update_form | summaries::update | /summaries/{id}/update | Show the summaries details with the option to update attributes using PATCH to /summaries/{id} |
| GET | n | import | import_form | summaries::create | /summaries/import | Displays a standard web form for submission to POST /summaries/import. |