Add User
Path
http://{supOS ip:port}/open-api/auth/v2/users
Request body
{
"username": "test", //required
"password": "xxxxx", //required
"userDesc": "general user",
"timeZone": "GMT+0800", //required
"personCode": "person01", //required
"companyCode": "default", //required
"accountType": 0, //required
"roleNameList": [ //role code list
"role1"
],
"recoveryDeleted": false //whether to restore deleted users
}{
"username": "test",
"password": "xxxxx",
"userDesc": "general user",
"timeZone": "GMT+0800",
"personCode": "person01",
"companyCode": "default",
"accountType": 0,
"roleNameList": [
"role1"
],
"recoveryDeleted": false
}
Response
- 200: Successful.
- 400
{
"code": 100106021,
"message": "password rule: Contains upper and lower cases, and number, and the length is 6-8 digits."
}
- 100106500: Parameter validation error
- 100106004: Username already exists
- 100106005: Person is already bound to a user
- 100106012: Person does not exist
- 100106013: Role does not exist
- 100106021: Password complexity does not meet system requirements
- 100106014: Company does not exist
- 100106020: Person does not belong to this company
- 100106022: Role does not belong to this company
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Get User List
Path
http://{supOS ip:port}/open-api/auth/v2/users
Query parameter
- keyword: Keyword for fuzzy matching.
- pageIndex: Page number. Required.
- pageSize: Items on the page.
- companyCode: Required.
- roleCode: Role code.
- modifyTime: Modify time.
Response
- 200: Successful.
{
"list": [
{
"username": "admin",
"userDesc": "super admin",
"accountType": 0,
"lockStatus": 0,
"personCode": "person01",
"personName": "person01",
"modifyTime": "2020-09-22T07:38:13.893+0800",
"createTime": "2020-09-22T07:38:13.893+0800",
"userRoleList": [
{
"name": "systemRole",
"showname": "admin role",
"description": "string"
}
],
"avatar": "/auth/v2/users/admin/avatar"
}
],
"pagination": {
"total": 100,
"pageSize": 20,
"pageIndex": 1
}
}
- 400
{
"code": 100106500,
"message": "pageSize exceeds the maximum of 500"
}
100106014: Company does not exist.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Delete User in Batches
Path
http://{supOS ip:port}/open-api/auth/v2/users
Query parameter
usernames: Required. For example, usernames=user1,user2...
Response
- 200: Successful.
- 400
{
"code": 100106017,
"message": "{name},pending tasks exist, {name} cannot be deleted"
}
- 100106500: pageSize exceeds the maximum of 500.
- 100106018: xxx (name), admin xxx cannot be deleted.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Get User Details
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}
Response
- 200: Successful.
{
"username": "admin",
"userDesc": "super admin",
"accountType": 0,
"lockStatus": 0,
"personCode": "person01",
"personName": "person01",
"modifyTime": "2020-09-22T07:38:13.893+0800",
"createTime": "2020-09-22T07:38:13.893+0800",
"userRoleList": [
{
"name": "systemRole",
"showname": "admin role",
"description": "string"
}
],
"avatar": "/auth/v2/users/admin/avatar"
}
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Edit User
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}
Request body
{
"userDesc": "manager",
"timeZone": "GMT+0000",
"personCode": "person01",
"lockStatus": 0 //0-not locked, 1-locked
}
Response
- 200: Successful.
- 400
{
"code": 100106500,
"message": "timeZone format error"
}
- 100106500: Parameter validation error.
- 100106012: Person does not exist.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Unbind User
info
Up to 10 roles can be unbind.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Request body
{
"roleCodes": [ //required
"role1"
]
}
Response
- 200: Successful.
- 400
{
"code": 100106013,
"message": "role1,role2 do not exist"
}
- 100106500: Parameter validation error.
- 100106013: Person does not exist.
- 100106019: System admin cannot edit roles.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Bind User
info
Up to 10 roles can be bound.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Request body
{
"roleCodes": [ //required
"role1"
]
}
Response
- 200: Successful.
- 400
{
"code": 100106013,
"message": "role1,role2 do not exist"
}
- 100106500: Parameter validation error.
- 100106013: Person does not exist.
- 100106019: System admin cannot edit roles.
- 100106022: Role does not belong to the company.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Reset Default Admin Password
info
- Only works on admin.
- Permission must be granted before using this API.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role
Response
- 200: Successful.
{
"password": "9Bo0JPnIfi0A9tptjB/pwisHnom1gSPm/OLyuPDXldM="
}
info
The returned password is encrypted with base64. Decipher with following algorithms:
- Symmetric decryption algorithm: AES-128-ECB
- Data: PKCS5Padding
- Symmetric decryption key: aeskey=md5(sk). aeskey has 16 bytes.
Unbind Third-party Role
info
- Works on 1-10 third-party roles.
- No reminders when unbinding non-existent roles.
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/role/third/identity
Query parameter
identityIds: Unique identity code. Required. For example: identityIds=12131231,123123123.
Response
- 200: Successful.
- 400
{
"code": 100106500,
"message": "number of roles exceeds the maximum of 10"
}
Get Accessible Menus by Username
Path
http://{supOS ip:port}/open-api/rbac/v2/users/{username}/permissions/menus
Query parameter
- companyCode: Required. Based on the company code, get accessible menus of the user in this company.
- source: Menu source. source=IDE means to get menus whose source is APP designer; emptyt means to get all menus.
Response
- 200: Successful.
{
"list": [
{
"name": "device management",
"url": "/project/compute-engine/datadump",
"code": "bisDesigner"
}
]
}
- 400
{
"code": 100105225,
"message": "specified user does not exist"
}
- 100105226: Specified user is not employed by specified company.
- 100105227: Specified company does not exist.
- 100000001: Source is not in compliance with the rules, example: IDE.
- 100000001: Company code cannot be empty.
- 100000001: Internal service exception.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Get Accessible Menus by Role
Path
http://{supOS ip:port}/open-api/rbac/v2/roles/{rolecode}/permissions/menus
Query parameter
- companyCode: Required. Based on the company code, get accessible menus of the role in this company.
- scope: Menu source. 0-design center menu; 1-operation center menu; emptyt means to get all menus.
Response
- 200: Successful.
{
"list": [
{
"name": "device management",
"url": "/project/compute-engine/datadump",
"code": "bisDesigner"
}
]
}
- 400
{
"code": 100105228,
"message": "specified role does not exist"
}
- 100000003: Illegal scope. For example:0, 1.
- 100105225: Specified user does not exist.
- 100105226: Specified user is not employed by specified company.
- 100105227: Specified company does not exist.
- 100000001: Company code cannot be empty.
- 500
{
"code": 100000001,
"message": "internal service exception"
}
Load User Icon
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/avatar
Query parameter
- companyCode: Required. Based on the company code, get accessible menus of the user in this company.
- source: Menu source. source=IDE means to get menus whose source is APP designer; emptyt means to get all menus.
Response
- 200: Successful.
- 400
{
"code": 100106114,
"message": "avatar file does not exist"
}
Upload User Icon
Path
http://{supOS ip:port}/open-api/auth/v2/users/{username}/avatar
Query parameter
fileName: Required.
Response
- 200: Successful.
{
"fileName": "string",
"fileFullPath": "string",
"fileDownloadUrl": "string"
}
- 400
{
"code": 100106112,
"message": "file type can only be jpg, gif and png"
}
- 100106111: File name length cannot exceed 20.
- 100106113: File size exceeds the limit. The maximum size is 5 M.