5.223
This topic describes behavior of the ACL Rules (Access Control List Rules) object in Moab Web Services. It contains the URLs, request bodies, and responses delivered to and from MWS.
The Fields: Access Control Lists (ACLs) reference contains the type and description of all fields in the ACL Rules object. It also contains details regarding which fields are valid during PUT and POST actions.
Supported methods
ACLs are not directly manipulated through a single URL, but with sub-URLs of the other objects such as Virtual Containers and Reservations.
| Resource | GET | PUT | POST | DELETE |
|---|---|---|---|---|
| /rest/reservations/<rsvId>/acl-rules/<aclId> | -- | Create or Update ACL | -- | Delete ACL |
| /rest/vcs/<vcId>/acl-rules/<aclId> | -- | Create or Update ACL | -- | Delete ACL |
This topic contains these sections:
Although ACL Rules cannot be retrieved directly using the GET method on any of the acl-rules resources, ACL Rules are attached to supported objects when querying for them. Each supported object contains a field named aclRules, which is a collection of the ACL Rules defined on that object.
Supported objects
The following is a list of objects that will return ACL Rules when queried:
5.223.2 Creating or Updating ACLs
The HTTP PUT method is used to create or update ACL Rules. The request body can contain one or more ACL Rules. If an ACL Rule with the same type and value exists, then it will be overwritten.
Quick reference
PUT http://localhost:8080/mws/rest/reservations/<rsvId>/acl-rules?api-version=3
5.223.2.A Create or Update ACL
URLs and parameters
PUT http://localhost:8080/mws/rest/reservations/<rsvId>/acl-rules?api-version=3
| Parameter | Required | Type | Valid values | Description |
|---|---|---|---|---|
| objectId | Yes | String | -- | The unique identifier of the object. |
See Global URL Parameters for available URL parameters.
Request body
The request body below shows all the fields that are available for the PUT method, along with some sample values.
JSON Request Body
------------------------------------
{"aclRules": [{
"affinity": "POSITIVE",
"comparator": "LEXIGRAPHIC_EQUAL",
"type": "USER",
"value": "ted"
}]}
Sample response
This message may not match the message returned from Moab exactly, but is given as an example of the structure of the response.
JSON Request Body
------------------------------------
{"messages":["Reservation 'rsv1' successfully modified"]}
Samples
Create or update multiple ACLs on a single object:
CPUT http://localhost:8080/mws/rest/reservations/system.21/acl-rules?api-version=3
------------------------------------
{"aclRules": [
{
"affinity": "POSITIVE",
"comparator": "LESS_THAN_OR_EQUAL",
"type": "DURATION",
"value": "3600"
},
{
"affinity": "POSITIVE",
"comparator": "LEXIGRAPHIC_EQUAL",
"type": "USER",
"value": "ted"
}
]}
Restrictions
- ACL Rules cannot be added to or updated on Standing Reservations.
The HTTP DELETE method is used to remove ACL Rules.
Quick reference
ACL Rules cannot be removed from Standing Reservations.
DELETE http://localhost:8080/mws/rest/reservations/<rsvId>/acl-rules?api-version=3/<aclId>
URLs and parameters
DELETE http://localhost:8080/mws/rest/reservations/<objectId>/acl-rules?api-version=3/<aclId>
| Parameter | Required | Type | Valid values | Description |
|---|---|---|---|---|
| objectId | Yes | String | -- | The unique identifier of the object from which to remove the ACL Rule. |
| aclId | Yes | String | -- | A string representing the ACL Rule, with the format type:value. |
See Global URL Parameters for available URL parameters.
Sample response
This message may not match the message returned from Moab exactly, but is given as an example of the structure of the response.
JSON Response
------------------------------------
{"messages":["Successfully modified reservation 'rsv1'"]}
Restrictions
- ACL Rules cannot be removed from Standing Reservations.
Related Topics