4ee22e0ed8
This change tests authorization of the admin api. Issue: https://github.com/storj/storj/issues/5699 Change-Id: Iecfe4c27a70ab1b48aeb5ed3251b51a3406140e8 |
||
---|---|---|
.. | ||
ui | ||
apikeys_test.go | ||
apikeys.go | ||
bucket_test.go | ||
bucket_testplanet_test.go | ||
bucket.go | ||
common.go | ||
oauthclients_testplanet_test.go | ||
oauthclients.go | ||
project_test.go | ||
project.go | ||
README.md | ||
restkeys_test.go | ||
restkeys.go | ||
server_test.go | ||
server.go | ||
testutils_test.go | ||
user_test.go | ||
user.go |
satellite/admin
Satellite Admin package provides API endpoints for administrative tasks.
Requires setting Authorization
header for requests.
- satellite/admin
- API design
- API Endpoints
- User Management
- OAuth Client Management
- Project Management
- POST /api/projects
- GET /api/projects/{project-id}
- PUT /api/projects/{project-id}
- DELETE /api/projects/{project-id}
- GET /api/projects/{project}/apikeys
- POST /api/projects/{project}/apikeys
- DELETE /api/projects/{project}/apikeys/{name}
- GET /api/projects/{project-id}/usage
- GET /api/projects/{project-id}/limit
- Update limits
- POST /api/projects/{project-id}/limit?usage={value}
- POST /api/projects/{project-id}/limit?bandwidth={value}
- POST /api/projects/{project-id}/limit?rate={value}
- POST /api/projects/{project-id}/limit?buckets={value}
- POST /api/projects/{project-id}/limit?burst={value}
- POST /api/projects/{project-id}/limit?segments={value}
- Bucket Management
- APIKey Management
API design
Successful responses
For non-get requests (PUT
, POST
, DELETE
), endpoints should return an empty response body on success. GET
requests can return a non-empty body for the resource that we're interacting with.
Error responses
When an API endpoint returns a client error (status code 4XX) it returns a JSON error response which contains 2 fields:
error
: The error message.detail
(may be empty): Some detail about the returned error.
Example:
{
"error": "usage for the current month exists",
"detail": ""
}
API Endpoints
User Management
POST /api/users
Adds a new user.
An example of a required request body:
{
"email": "alice@mail.test",
"fullName": "Alice Test",
"password": "password"
}
A successful response body:
{
"id": "12345678-1234-1234-1234-123456789abc",
"email": "alice@mail.test",
"fullName": "Alice Test",
"shortName": "",
"passwordHash": ""
}
PUT /api/users/{user-email}
Updates the details of existing user found by its email.
Some example request bodies:
{
"email": "alice+2@mail.test"
}
{
"email": "alice+2@mail.test",
"shortName": "myNickName"
}
{
"projectLimit": 200
}
GET /api/users/{user-email}
This endpoint returns information about user and their projects.
A successful response body:
{
"user":{
"id": "12345678-1234-1234-1234-123456789abc",
"fullName": "Alice Bob",
"email":"alice@example.test",
"projectLimit": 10
},
"projects":[
{
"id": "abcabcab-1234-abcd-abcd-abecdefedcab",
"name": "Project",
"description": "Project to store data.",
"ownerId": "12345678-1234-1234-1234-123456789abc"
}
]
}
GET /api/users/{user-email}/limits
This endpoint returns information about users limits.
DELETE /api/users/{user-email}
Deletes the user.
PUT /api/users/{user-email}/limits
Updates the limits of the user and user's existing project(s) limits found by its email.
DELETE /api/users/{user-email}/mfa
Disables the user's mfa.
PUT /api/users/{user-email}/freeze
Freezes a user account so no uploads or downloads may occur.
DELETE /api/users/{user-email}/freeze
Unfreezes a user account so uploads and downloads may resume.
OAuth Client Management
Manages oauth clients known to the Satellite.
POST /api/oauth/clients
Create a new OAuthClient. A client ID and clientSecret will be returned upon creation.
Example request:
{
"id": "uuid-of-the-client",
"secret": "shh-this-should-be-kept-safe",
"redirectURL": "http://localhost:8888/oauth/storj/callback",
"userID": "uuid-of-the-owner",
"appName": "Example App",
"appLogoURL": "http://localhost:8888/logo.png"
}
PUT /api/oauth/clients/{id}
Update an existing oauth client.
Example request:
{
"redirectURL": "http://localhost:8888/oauth/storj/callback",
"appName": "Example App",
"appLogoURL": "http://localhost:8888/logo.png"
}
DELETE /api/oauth/clients/{id}
Delete the identified oauth client.
Project Management
POST /api/projects
Adds a project for specific user.
An example of a required request body:
{
"ownerId": "ca7aa0fb-442a-4d4e-aa36-a49abddae837",
"projectName": "My Second Project"
}
A successful response body:
{
"projectId": "ca7aa0fb-442a-4d4e-aa36-a49abddae646"
}
GET /api/projects/{project-id}
Gets the common information about a project.
PUT /api/projects/{project-id}
Updates project name or description.
{
"projectName": "My new Project Name",
"description": "My new awesome description!"
}
DELETE /api/projects/{project-id}
Deletes the project.
GET /api/projects/{project}/apikeys
Get the list of the API keys of a specific project.
A successful response body:
[
{
"id": "b6988bd2-8d21-4bee-91ac-a3445bf38180",
"ownerId": "ca7aa0fb-442a-4d4e-aa36-a49abddae837",
"name": "mine",
"partnerID": "a9d3b7ee-17da-4848-bb0e-1f64cf45af18",
"createdAt": "2020-05-19T00:34:13.265761+02:00"
},
{
"id": "f9f887c1-b178-4eb8-b669-14379c5a97ca",
"ownerId": "3eb45ae9-822a-470e-a51a-9144dedda63e",
"name": "family",
"partnerID": "",
"createdAt": "2020-02-20T15:34:24.265761+02:00"
}
]
POST /api/projects/{project}/apikeys
Adds an apikey for specific project.
An example of a required request body:
{
"name": "My first API Key"
}
Note: Additionally you can specify partnerId
to associate it with the given apikey.
If you specify it, it has to be a valid uuid and not an empty string.
A successful response body:
{
"apikey": "13YqdMKxAVBamFsS6Mj3sCQ35HySoA254xmXCCQGJqffLnqrBaQDoTcCiCfbkaFPNewHT79rrFC5XRm4Z2PENtRSBDVNz8zcjS28W5v"
}
DELETE /api/projects/{project}/apikeys/{name}
Deletes the given apikey by its name.
GET /api/projects/{project-id}/usage
This endpoint returns whether the project has outstanding usage or not.
A project with not usage returns status code 200 and {"result":"no project usage exist"}
.
Otherwise, it returns status code 409 with a JSON error.{"error":"usage for current month exists""}
.
GET /api/projects/{project-id}/limit
This endpoint returns information about project limits.
A successful response body:
{
"usage": {
"amount": "1.0 TB",
"bytes": 1000000000000
},
"bandwidth": {
"amount": "1.0 TB",
"bytes": 1000000000000
},
"rate": {
"rps": 0
},
"maxBuckets": 1000,
"maxSegments": 1000000000
}
Update limits
You can update the different limits with one single request just adding the
various query parameters (e.g. usage=5000000&bandwidth=9000000
)
POST /api/projects/{project-id}/limit?usage={value}
Updates usage limit for a project. The value must be in bytes.
POST /api/projects/{project-id}/limit?bandwidth={value}
Updates bandwidth limit for a project. The value must be in bytes.
POST /api/projects/{project-id}/limit?rate={value}
Updates rate limit for a project.
POST /api/projects/{project-id}/limit?buckets={value}
Updates number of buckets limit for a project.
POST /api/projects/{project-id}/limit?burst={value}
Updates burst limit for a project.
POST /api/projects/{project-id}/limit?segments={value}
Updates number of segments limit for a project.
Bucket Management
This set of APIs provide administrative functionality over bucket functionality.
GET /api/projects/{project-id}/buckets/{bucket-name}
Returns all the information of the specified bucket.
Geofencing
Manage geofencing capabilities for a given bucket.
POST /api/projects/{project-id}/buckets/{bucket-name}/geofence?region={value}
Enables the geofencing configuration for the specified bucket. The bucket MUST be empty in order for this to work. Valid
values for the region
parameter are:
EU
- restrict placement to data nodes that reside in the European UnionEEA
- restrict placement to data nodes that reside in the European Economic AreaUS
- restricts placement to data nodes in the United StatesDE
- restricts placement to data nodes in Germany
DELETE /api/projects/{project-id}/buckets/{bucket-name}/geofence
Removes the geofencing configuration for the specified bucket. The bucket MUST be empty in order for this to work.
APIKey Management
DELETE /api/apikeys/{apikey}
Deletes the given apikey.