Skip to main content
API docs by Redocly

permission management API definition

Download OpenAPI specification:Download

Provide functionality for adding, modifying, and deleting menus, permissions, and roles

menus

menu management

Initialization Modules, Menus, and Operation Items within Menu Page

Initialization process includes:

  • module registration(module code and internationalization information, etc.)
  • menu registration(basic menu information, request address, menu page operation information, and internationalization registration data for menus)

Initialization process is completed by uploading a YAML file, which supports configuring internationalization information.

Specific format requirements for related parameters can be found in the corresponding detailed description in the YAML file.

Based on the dataVersion field in the YAML file, determine whether the submission is for new addition or update operation. In the case of special scenarios during updates, the following explanations are provided:

  • menu update strategy:
    • update strategy: menu items already exist in the system and are included in API parameters. If the menu structure has been adjusted during the project period, the project-adjusted data will be retained, and the adjusted menu items will not be updated.
      • For example, if the menu has been moved to a directory outside of the current app during the project period, it will not be updated.
    • menu deletion strategy: menu items already exist in the system but are not included in API parameters. The menu items are hidden (soft deletion) for easy retrieval during re-registration.
      • If the menu has been assigned permissions, it will not be deleted and an error message will be displayed “The menu cannot be deleted because it has been assigned permissions!”
    • If a menu operation item (operateCode) under a menu is deleted, the role and user permissions associated with it will be physically deleted.
    • menu addition strategy: menu items do not exist in the system but are included in API parameters.

During the project period, menu adjustments include the following aspects:

  • Adjust menu positions, including sorting modification and folder arrangements
  • Enable or disable menus
  • Modify menu basic information (note: even if no changes are made, click the edit button on the page counts as a modification).

For example, if app A previously had 10 menus represented by menu_01 to menu_10and there are changes to the app and related menus, with menu_01 to menu_08 and menu_11 to menu_14 now, the API should be called to modify the full set of menus for the app with the following logic:

  • retain menus: menu_01 to menu_08
  • hide menus: menu_09, menu_10
  • add menus: menu_11 tomenu_14

YAML format is as follows

Request Body schema: application/octet-stream
string <binary>

Responses

Response samples

Content type
application/json
{
  • "code": 100105213,
  • "message": "Menu code already exists!"
}

Delete Menu According To Module Code

delete registered menu and operation items according to module code. The menu item is hidden (soft deletion) for easy retrieval during re-registration.

Delete related menus based on specified conditions:

  • ModuleCodes refer to module codes, with multiple codes separated by commas.

If a module does not have any associated menus, it is considered that the menus associated with that module have been deleted successfully.

All menus associated with the module need to be deleted, except for menus that meet the following condition:

  • In the displayed menu list, the menu has associated menus that are not related to the current module

In this case, the menu should not be deleted, but the 'URL' attribute on that menu should be cleared. Deleting a menu does not involve deleting permissions.

path Parameters
moduleCodes
required
Array of strings <= 10 items [ items <= 500 characters ]
Example: desktop,flow

Module codes, separated by commas.

query Parameters
clearPermission
boolean

used to determine whether to clear the permission configuration information related to the menus. The default value is true, indicating that the permission configuration information is cleared.

Responses

Response samples

Content type
application/json
{
  • "code": 100105256,
  • "message": "The number of module codes exceeds the maximum limit!"
}

Modify Module Information

This API is primarily used to modify the frozen status of menus associated with a module.

frozen status:

  • Frozen menus will be marked, and when users click to open the menu page, they will be notified that it is frozen. For example, when a user's subscription for an app expires, the platform will freeze the app's menu. As a result, the user will be unable to open menu pages, and the system will display a frozen notification.

unfrozen status:

  • By default, users can open the menu after the menu is unfrozen. For example, after the platform is frozen, if a user renews the subscription, the platform will be unfrozen and restore the original functionality.

If a module code does not have any associated menu, it is considered that the modification of the menu's frozen status under that module code is successful.

path Parameters
moduleCodes
required
Array of strings <= 10 items [ items <= 500 characters ]
Example: desktop,flow

Module codes, separated by commas.

Request Body schema: application/json
Array (<= 10 items)
code
required
string <= 500 characters

Module encoding. Required field. Immutable.

Unless otherwise specified, it can be consistent with the id.

Letters, numbers, and underscores are supported. Must start with a letter and cannot end with an underscore.

name
string <= 500 characters

module name.

Generally, it is filled with the internationalized KEY of the name, and the encoding code convention format is: reg.moduleName. + moduleCode, such as: reg.moduleName.rbac

freezeStatus
required
boolean
Default: false

Freeze state, applied to the menu that this module belongs to. Required field.

Array of objects (i18nKeyValue) [ 1 .. 10 ] items

Internationalization data for module names.

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100105256,
  • "message": "The number of module codes exceeds the maximum limit!"
}

Menu Registration Deprecated

The API is deprecated!!! Please use the POST /open-api/rbac/v2/menus/modules API. The new API reduces the risk of distributed transactions caused by multiple API calls and simplifies the development complexity for developers. The basic information of the registration menu, the request address, the operation information of the menu page and the international registration data of the menu Attention

  • When registering a menu, submit all menu contents under the same APP ID at the same time.* Only one APP ID's menu can be registered per request.
Request Body schema: application/json
Array (<= 200 items)
companyCode
string <= 20 characters

The code of the company to which the menu belongs, the parameter is filled by the default company code when the system is passed

code
required
string <= 500 characters

The menu code needs to be globally unique. You can refer to the following methods to generate the menu code:

  • Use UUID to avoid duplication
  • Use a fixed string + 6-digit random number to avoid repetition, such as APP ID + 6-digit random number or serial number
parentCode
string <= 500 characters

Encoding of the parent menu, it is the root menu when it is empty

i18nKeyName
required
string <= 500 characters

Menu Internationalization Code

i18nDefaultValue
string <= 500 characters

The internationalized name of the menu. When i18nKeyName does not find the internationalized name of the current locale, this attribute will be used to replace it by default. If the value is not filled, it will be filled with the first item in the i18nKeyValues array by default.

i18nDefaultValue and i18nKeyValues cannot be empty at the same time

Array of objects (i18nKeyValue) <= 50 items

i18nDefaultValue and i18nKeyValues cannot be empty at the same time

sort
number <double>
Default: 99

Menu sorting, menus at the same level are sorted from small to large according to the size of the sort value. If not filled, the default is 99.

showType
required
integer
Default: 1
Enum: 0 1

Request method:

  • 0 - Configuration link page, that is, the page designed and developed through the "Tianfang (supIDE)" platform configuration design, such as large screen, flow chart, form, etc.
  • 1 - external link page, that is, a page that is not designed and developed through the "Tianfang (supIDE)" platform configuration, and is a page imported from the outside

Tianfang (supIDE), an efficient and low-code development system provided by the supOS platform, supports user-defined development of large screens, reports, form business and industrial flow charts. For detailed functions, please consult Lanzhuo Company.

url
string <= 500 characters

Menu request page URL address

target
required
string
Enum: "SELF" "BLANK"

How the menu opens on the browser page

  • SELF - current tab open
  • BLANK - open a new tab
scope
required
integer
Enum: 0 1

The scope of the menu

  • 0 - configuration period, that is, the administrator operation terminal or the project implementation operation terminal, which can be entered through the "system configuration" button in the system
  • 1 - Runtime, i.e. normal user operation side
source
required
string <= 50 characters

Menu registration source, the caller uses a word to identify itself. Such as MES=manufacturing system

  • saas
menuType
required
integer
Enum: 0 1 2 3

menu type

  • 0 - folder menu directory type, no pages
  • 1 - page menu page type, when clicked, the corresponding URL link can be opened
  • 2 - flow menu flow type
  • 3 - operation menu operation type
iconUrl
string <= 500 characters

Menu icon ICON URL address, allowing absolute and relative paths

tokenType
integer
Default: 0
Enum: 0 1

Do you need to pass a temporary token? If so, you need to splice the obtained temporary token into the query part when you click the menu.

  • 1: required
  • 0: not required
memo
string <= 500 characters

Remarks

extra
string <= 500 characters

Extra information

moduleCode
required
string <= 50 characters

Module coding, pre-registration required

APP ID
string <= 500 characters

The unique identification ID of the APP

Array of objects (MenuOperate) <= 200 items

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

Modify All Menus Deprecated

The API is deprecated!!!

**Please use thePOST /open-api/rbac/v2/menus/modules API. The new API reduces the risk of distributed transactions caused by multiple API calls and simplifies the development complexity for developers.

Used to modify the full menu under the same app. Note that all menus need to be submitted at this time. Each menu submitted with each request must belong to the same APP ID. **

For apps installed via an installation package that want to update the app menu using this interface, please note:

  • This interface does not have the routerPrefix attribute. You need to manually concatenate the complete url parameter based on the value of this parameter. If you are unsure how to concatenate the url, it is recommended to update through the app installation package for now and avoid using this interface temporarily.

The menu modification strategy is based on the unique matching of the menu's module code and menu code. The modification policy for the menu is as follows:

  • update strategy: menu items already exist in the system and are included in API parameters. If the menu structure has been adjusted during the project period, the project-adjusted data will be retained, and the adjusted menu items will not be updated.
    • For example, if the menu has been moved to a directory outside of the current app during the project period, it will not be updated.
  • menu deletion strategy: menu items already exist in the system but are not included in API parameters. The menu items are hidden (soft deletion) for easy retrieval during re-registration.
    • If the menu has been assigned permissions, it will not be deleted and an error message will be displayed “The menu cannot be deleted because it has been assigned permissions!”
    • If a menu operation item (operateCode) under a menu is deleted, the role and user permissions associated with it will be physically deleted.
  • Menu addition strategy: menu items do not exist in the system but are included in API parameters.

During the project period, menu adjustments include the following aspects:

  • Adjust menu positions, including sorting modification and folder arrangements
  • Enable or disable menus
  • Modify menu basic information (note: even if no changes are made, clicking the edit button on the page counts as a modification).

For example, if app A previously had 10 menus represented by menu_01 to menu_10and there are changes to the app and related menus, with  menu_01 to menu_08 and menu_11 to menu_14 now, the API should be called to modify the full set of menus for the app with the following logic:

  • retain menus: menu_01 to menu_08
  • delete menu:menu_09, menu_10
  • add menus: menu_11 tomenu_14
Request Body schema: application/json
Array (<= 200 items)
companyCode
string <= 20 characters

The code of the company to which the menu belongs, the parameter is filled by the default company code when the system is passed

code
required
string <= 500 characters

The menu code needs to be globally unique. You can refer to the following methods to generate the menu code:

  • Use UUID to avoid duplication
  • Use a fixed string + 6-digit random number to avoid repetition, such as APP ID + 6-digit random number or serial number
parentCode
string <= 500 characters

Encoding of the parent menu, it is the root menu when it is empty

i18nKeyName
required
string <= 500 characters

Menu Internationalization Code

i18nDefaultValue
string <= 500 characters

The internationalized name of the menu. When i18nKeyName does not find the internationalized name of the current locale, this attribute will be used to replace it by default. If the value is not filled, it will be filled with the first item in the i18nKeyValues array by default.

i18nDefaultValue and i18nKeyValues cannot be empty at the same time

Array of objects (i18nKeyValue) <= 50 items

i18nDefaultValue and i18nKeyValues cannot be empty at the same time

sort
number <double>
Default: 99

Menu sorting, menus at the same level are sorted from small to large according to the size of the sort value. If not filled, the default is 99.

showType
required
integer
Default: 1
Enum: 0 1

Request method:

  • 0 - Configuration link page, that is, the page designed and developed through the "Tianfang (supIDE)" platform configuration design, such as large screen, flow chart, form, etc.
  • 1 - external link page, that is, a page that is not designed and developed through the "Tianfang (supIDE)" platform configuration, and is a page imported from the outside

Tianfang (supIDE), an efficient and low-code development system provided by the supOS platform, supports user-defined development of large screens, reports, form business and industrial flow charts. For detailed functions, please consult Lanzhuo Company.

url
string <= 500 characters

Menu request page URL address

target
required
string
Enum: "SELF" "BLANK"

How the menu opens on the browser page

  • SELF - current tab open
  • BLANK - open a new tab
scope
required
integer
Enum: 0 1

The scope of the menu

  • 0 - configuration period, that is, the administrator operation terminal or the project implementation operation terminal, which can be entered through the "system configuration" button in the system
  • 1 - Runtime, i.e. normal user operation side
source
required
string <= 50 characters

Menu registration source, the caller uses a word to identify itself. Such as MES=manufacturing system

  • saas
menuType
required
integer
Enum: 0 1 2 3

menu type

  • 0 - folder menu directory type, no pages
  • 1 - page menu page type, when clicked, the corresponding URL link can be opened
  • 2 - flow menu flow type
  • 3 - operation menu operation type
iconUrl
string <= 500 characters

Menu icon ICON URL address, allowing absolute and relative paths

tokenType
integer
Default: 0
Enum: 0 1

Do you need to pass a temporary token? If so, you need to splice the obtained temporary token into the query part when you click the menu.

  • 1: required
  • 0: not required
memo
string <= 500 characters

Remarks

extra
string <= 500 characters

Extra information

moduleCode
required
string <= 50 characters

Module coding, pre-registration required

APP ID
string <= 500 characters

The unique identification ID of the APP

Array of objects (MenuOperate) <= 200 items

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

Delete Menu Deprecated

The API is deprecated!!!

Use DELETE /open-api/rbac/v2/menus/modules/{moduleCodes}

Delete related menus based on specified conditions:

  • APP IDs IDs of the apps, separated by commas. If an APP does not have any associated menus, it is considered as a successful deletion. All menus associated with the APP need to be deleted, except for the menus that meet the following condition:
  • On the displayed menu list, there are menus under this menu that are associated with other apps. Deleting a menu does not involve deleting permissions.
query Parameters
APP IDs
Array of strings <= 10 items [ items <= 500 characters ]
Example: APP IDs=desktop,flow

APP ID. Multiple ID is separated by commas.

Responses

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

Modify the freeze status of the associated menu based on the ID of the APP. Deprecated

The API is deprecated!!!

To freeze or unfreeze a menu, please use PUT /open-api/rbac/v2/menus/modules/{moduleCodes}.

To modify the freeze status of the menu associated with an APP:

  • Freeze status: When a menu is frozen, it will be marked, and users will be notified when they attempt to open the menu page. For example, when a subscribed APP exceeds its usage period, the platform will freeze the menu associated with that APP. As a result, users will be unable to access the menu pages and will receive a notification indicating that the menu has been frozen.
  • Unfreeze status: This is the default status, and once unfrozen, users can access the menu pages normally. For example, if a menu is frozen and a user renews their subscription, the platform will unfreeze the menu and restore its original functionality.

When the menu is frozen, it can only be unfrozen by calling this interface. Modifying the frozen menu will not modify the frozen state of the current menu.

If an APP ID does not have an associated menu, it is directly considered that the modification of the frozen status of the APP is successful.

query Parameters
APP IDs
required
Array of strings <= 10 items [ items <= 500 characters ]
Example: APP IDs=desktop,flow

APP ID, multiple IDs separated by ","

Request Body schema: application/json
status
required
boolean

frozen state:

  • true: frozen
  • false: unfreeze

Responses

Request samples

Content type
application/json
{
  • "status": true
}

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

roles

role management

Add roles in batches

  • name、code required.
  • The number of new batches is limited to 50.
  • Character numbering rules: letters, numbers or underscores and their combinations, no more than 50 characters.
  • Character name cannot exceed 50 characters.
  • Role description cannot exceed 255 characters.
  • Role code cannot be repeated or already exists。
  • If the verification fails or is abnormal, all new additions will fail.
Request Body schema: application/json
Array
code
required
string <= 50 characters

role code

name
required
string <= 50 characters

role name

description
string <= 255 characters

role description

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100105000,
  • "message": "Required parameters cannot be empty!"
}

Modify roles in batches

  • name、code required.
  • The number of batch edits is limited to 50.
  • Character numbering rules: letters, numbers or underscores and their combinations, no more than 50 characters.
  • Character name cannot exceed 50 characters.
  • Role description cannot exceed 255 characters.
  • Role encoding must exist.
  • If the verification fails or is abnormal, all modifications will fail.
Request Body schema: application/json
Array
code
required
string <= 50 characters

role code

name
required
string <= 50 characters

role name

description
string <= 255 characters

role description

Responses

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100105000,
  • "message": "Required parameters cannot be empty!"
}

query role

Query role list data.

  • Only supports querying the role data of a certain company
  • When the company code does not exist, the returned data is an empty collection
  • Support pagination query
  • Support fuzzy query according to role code (roleCode), role name (roleName), role description (description)
  • Support query based on role creation time and update time
  • Support for querying deleted roles
query Parameters
keyword
string <= 50 characters
Example: keyword=systemRole

Keyword, supports fuzzy query according to role code (roleCode), role name (roleName), and role description (description).
For example: input "personCode1" to match and query all data containing "personCode1" in the role code, role name, and role description;

  • When querying, it is not case-sensitive. For example, if "person1" is passed in, query results containing "Person1" will be returned.
  • Multiple query conditions are not supported, and the input data will be used as a single value to match the query;
  • If the relevant data matching the query does not exist, the returned data structure is an empty collection.
companyCode
required
string <= 50 characters
Example: companyCode=default_org_company

company code

includeDeleted
boolean
Default: false
Example: includeDeleted=true

Whether to query for deleted roles

  • Description:
    • true: Deleted roles are included in the returned results
    • false: Deleted roles are not included in the returned results
    • In the returned result, use the "valid" field to identify whether it is a deleted role
createTimeRange
string <= 60 characters
Example: createTimeRange=[2022-11-29T00:00:00.000+0000,2022-11-30T00:00:00.000+0000)

Role creation time query range;
After passing the parameter, you can query the roles whose creation time is within this range, or query all the roles whose creation time is not passed;
The time range is represented by time plus opening and closing intervals;

  • For example:
    • "[2022-11-29T00:00:00.000+0000,)": indicates that it is greater than or equal to zero o'clock on November 29, 2022.
    • "(,2022-11-29T00:00:00.000+0000)": Indicates that it is less than midnight on November 29, 2022.
    • "[2022-11-29T00:00:00.000+0000,2022-11-30T00:00:00.000+0000)": indicates the whole day of November 29, 2022.

The time format is (the time format must include a time zone): "yyyy-MM-dd'T'HH:mm:ss.SSSZ".

  • Example:
    • Zero time zone time: "2021-01-26T16:02:15.666+0000";
    • East Eighth District Time: "2021-01-26T16:02:15.666+0800";
modifyTimeRange
string <= 60 characters
Example: modifyTimeRange=[2022-11-29T00:00:00.000+0000,2022-11-30T00:00:00.000+0000)

Role update time query scope;
After the parameter is passed, you can query the roles whose update time is within this range, if not, you can query all the roles with update time;
The time range is represented by time plus opening and closing intervals;

  • For example:
    • "[2022-11-29T00:00:00.000+0000,)": indicates that it is greater than or equal to zero o'clock on November 29, 2022.
    • "(,2022-11-29T00:00:00.000+0000)": Indicates that it is less than midnight on November 29, 2022.
    • "[2022-11-29T00:00:00.000+0000,2022-11-30T00:00:00.000+0000)": indicates the whole day of November 29, 2022.

The time format is (the time format must include a time zone): "yyyy-MM-dd'T'HH:mm:ss.SSSZ".

  • Example:
  • Zero time zone time: "2021-01-26T16:02:15.666+0000";
  • East Eighth District Time: "2021-01-26T16:02:15.666+0800";
pageSize
integer [ 1 .. 500 ]
Default: 20
Example: pageSize=20

Number of records per page.
Supports a maximum of 500 records per page. When the passed parameter is greater than 500, the system defaults to the maximum value of 500;
If not passed, the default value is 20;

current
integer
Default: 1
Example: current=1

The current page number, starting from 1. When not passed in, the default value is 1.

header Parameters
Accept-Language
string <= 8 characters
Example: zh-cn

Internationalized language (depending on the language, the system encoding value returns content in different languages), the default is the language of the server operating system. English is en-us, Chinese is zh-cn.

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Batch delete roles

  • The number of deleted characters is limited to 50.
  • Do not omit when deleting a role that does not exist.
  • The roles associated with positions and users cannot be deleted.
  • Support idempotent operations.
  • When the verification fails or is abnormal, all deletions will fail.
path Parameters
roleCodes
required
string

Delete roles in batches through role codes, multiple role codes are connected by ","

Responses

Response samples

Content type
application/json
{
  • "code": 100000001,
  • "message": "Unknown exception occurred in the system"
}

menu permission

menu permission management

Query whether the specified user has the permission of the specified menu and its menu operation under the specified company

  • Query the authority of the user to specify the menu under the specified company
  • Returns an empty object if the user does not have permission for the menu
  • If the user has the permission of the menu, but does not have the menu operation permission under the menu, the operations attribute in the returned object is an empty set
path Parameters
username
required
string <= 50 characters
Example: zhangsan

username

menuCode
required
string <= 500 characters
Example: basic

menu code

query Parameters
companyCode
string <= 50 characters
Example: companyCode=tecCompany

Company code, when the parameter is empty, the system will query the default company data

Responses

Response samples

Content type
application/json
{
  • "menuCode": "hj89ki95bb7c90256c912eb1c03ajjjj",
  • "menuName": "Device management",
  • "menuUrl": "/project/compute-engine/datadump",
  • "operations": [
    ]
}

Query the menu that the user has access to according to the user name

  • Required fields: company code and username
  • Optional item: source, if not passed, it means full search
path Parameters
username
required
string

Query the menu that this user has permission by user name

query Parameters
companyCode
required
string

Query the authorized menu of this user in this company according to the company code of the user

source
string

Query according to the menu source is source=IDE, means to only query the menus that use the APP designer as the source; if it is empty, it means to query all types of menus that users can access, without distinguishing the source

Responses

Response samples

Content type
application/json
{
  • "list": [
    ]
}

Query the menu that the user has permission

  • Query the configuration period menu or runtime menu that the user has authority under the specified company
  • This interface is a trial interface and may not be compatible in the future
  • Menus at the same level are sorted in ascending order by the sort sort field
path Parameters
username
required
string
Example: zhangsan

username

query Parameters
companyCode
required
string
Example: companyCode=tecCompany

company code

scope
integer

If you do not pass it, you can check all the menus, whether you want to check the configuration menu (0) or the runtime menu (1)

Responses

Response samples

Content type
application/json
{
  • "list": [
    ]
}

Query the menu that the role has access to according to the role code

  • Mandatory items: company code and role code
  • Optional items: scope, configuration menu (0), or runtime menu (1), if not passed, it means full search
path Parameters
rolecode
required
string

Use the role code to query the menus that this role has permission, and the length is less than 150 characters

query Parameters
companyCode
required
string

Query the authorized menu of this user in this company according to the company code of the user, the length is within 50 characters

scope
integer

Query configuration period menu 0, query runtime menu 1, if not, query all menus

Responses

Response samples

Content type
application/json
{
  • "list": [
    ]
}

Query the menu that the user has access to according to the user name, which will be discarded and migrated to /rbac/v2/users/{username}/permissions/menus Deprecated

  • Required field: username
  • Optional item: source, if not passed, it means full search
path Parameters
username
required
string

Query the menu that this user has permission by user name

query Parameters
source
string

Query according to the menu source is source=IDE, means to only query the menus that use the APP designer as the source; if it is empty, it means to query all types of menus that users can access, without distinguishing the source

Responses

Response samples

Content type
application/json
{
  • "list": [
    ]
}

resource collection

Data resource collection management API

Save resource collections in batches

Used to add and modify resource collections. Added resource collection, save code, name, link address and company. Modify the resource collection, support to modify the resource collection name and link address.

Notice:

  • Make a unique identifier according to the resource collection code, if it does not exist, add it, if it exists, modify it; a request can be added and modified at the same time.
  • It is not supported to modify the resource collection code resCollectionCode and company code companyCode when modifying.
  • A request supports up to 20 pieces of data.
  • All resource collections in a request, either all of them are saved successfully, or all of them fail to be saved, and there will be no partial success
Request Body schema: application/json
Array ([ 1 .. 20 ] items)
companyCode
string <= 20 characters

The code of the company to which the resource collection belongs, and the passed parameter is filled with the default company code "default_org_company" for the space-time system

resCollectionCode
required
string <= 200 characters

Resource collection encoding, only letters and numbers are supported
The resource collection code needs to be globally unique. You can refer to the following methods to generate the resource collection code:

    1. Use UUID to avoid repetition, such as "3b66936c37c411ed9381020017000b7b"
    1. Use a fixed string + 6-digit random number to avoid repetition, such as APP ID + 6-digit random number or serial number. The algorithm of the APP ID is MD5 (appVendorName-appName), which is obtained by encoding the developer name of the APP - the name of the APP using the MD5 algorithm. It is recommended to lowercase the value. For example, if the APP ID is "170d1e0dc2fd76604461b435c4b6d111" and the serial number is "000001", the final resource collection code generated is "170d1e0dc2fd76604461b435c4b6d111000001".
resCollectionName
string <= 200 characters

Resource collection name, required when adding

resCollectionDataQueryUrl
string <= 500 characters

Call back the app to query the resource information address, and refer to Callbacks for detailed interface definitions

Responses

Callbacks

Request samples

Content type
application/json
[
  • {
    }
]

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

Delete resource collections in batches

Used to delete resource collections.

Notice:

  • Resource collection encodings that do not exist are ignored.
  • The maximum number of deletions: 20
  • The minimum number of deletions: 1
  • For all resource collections in a request, either all deletions are successful, or all deletions fail, and there will be no partial success
  • Support idempotence
path Parameters
resourceCollectionCodes
required
Array of strings [ 1 .. 20 ] items [ items <= 200 characters ]
Example: 1a7c29a037c411ed8087020017000b7b,3b6692ae37c411ed9381020017000b7b

resource collection encoding collection

Responses

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "operation succeeded"
}

User resource permission query interface

Query the resource permissions assigned by the user (and the associated role) under the resource collection.

path Parameters
resourceCollectionCode
required
string <= 200 characters
Example: 3b6692ae37c411ed9381020017000b7b

resource collection encoding

query Parameters
userName
required
string <= 32 characters
Example: userName=admin123

username

companyCode
string <= 20 characters
Example: companyCode=default_org_company

Company code, the passed parameter is filled with the default company code "default_org_company" for the space-time system

keyCode
string <= 200 characters
Example: keyCode=keyCode123

Resource key, if it is empty, return the resource collection and combine all authorized resources

resType
string <= 200 characters
Example: resType=tag_1

Resource type, used to filter resource permissions. If this parameter is passed, the resource permissions will be filtered according to the incoming parameters (this field is obtained from the returned data body of the third party through the query of resCollectionDataQueryUrl by the platform). If this parameter is not passed, all resource permissions under this resource collection will be queried.

pageSize
required
integer <= 500
Example: pageSize=500

The number of data items per page, the maximum number is 500; the recommended value is 500 to reduce the calling frequency

current
required
integer
Default: 1
Example: current=1

current page number, starting from 1

header Parameters
Accept-Language
string <= 8 characters
Example: zh-cn

Internationalized language (depending on the language, the system encoding value returns content in different languages), the default is the language of the server operating system. English is en-us, Chinese is zh-cn.

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Role resource permission query interface

Query the resource permissions assigned by the role under the resource collection.

path Parameters
resourceCollectionCode
required
string <= 200 characters
Example: 3b6692ae37c411ed9381020017000b7b

resource collection encoding

query Parameters
roleCode
required
string <= 50 characters
Example: roleCode=managerCode1

role code

keyCode
string <= 200 characters
Example: keyCode=keyCode123

Resource key, if it is empty, all authorized resources under the resource collection will be returned

resType
string <= 200 characters
Example: resType=tag_1

Resource type, used to filter resource permissions. If this parameter is passed, the resource permission will be filtered according to the incoming parameter (this field is obtained from the returned data body of the third-party query by the platform through resCollectionDataQueryUrl. For details of the third-party interface, see the batch save resource collection interface). If this parameter is not passed, all resource permissions under this resource collection will be queried。

pageSize
required
integer <= 500
Example: pageSize=500

The number of data items per page, the maximum number is 500; the recommended value is 500 to reduce the calling frequency

current
required
integer
Default: 1
Example: current=1

current page number, starting from 1

header Parameters
Accept-Language
string <= 8 characters
Example: zh-cn

Internationalized language (depending on the language, the system encoding value returns content in different languages), the default is the language of the server operating system. English is en-us, Chinese is zh-cn.

Responses

Response samples

Content type
application/json
{
  • "list": [
    ],
  • "pagination": {
    }
}

Query role interface based on resource permissions

Query all roles that have permissions for this resource.

path Parameters
resourceCollectionCode
required
string <= 200 characters
Example: 1a7c29a037c411ed8087020017000b7b

resource collection encoding

keyCode
required
string <= 200 characters
Example: keyCode123

resource key

header Parameters
Accept-Language
string <= 8 characters
Example: zh-cn

Internationalized language (depending on the language, the system encoding value returns content in different languages), the default is the language of the server operating system. English is en-us, Chinese is zh-cn.

Responses

Response samples

Content type
application/json
{
  • "code": 100000000,
  • "message": "search successful",
  • "list": [
    ]
}

Query user menu permissions and resource permissions

Query user menu permissions and resource permissions.
If the amount of returned data is too large, there may be performance problems. It is recommended that the total number of user menu permissions and resource permissions to be queried should not exceed 1000.
The returned result data is 0 in the following cases:

  • Username does not exist
  • Company code does not exist
  • User does not belong to current company
query Parameters
username
required
string <= 32 characters
Example: username=admin123

Username, required

companyCode
string <= 50 characters
Example: companyCode=default_org_company

Company code, optional
When the passed parameter is empty, the system uses the default value "default_org_company" to query the data of the default company

header Parameters
Accept-Language
string <= 8 characters

Internationalized language (depending on the language, return content in different languages), the default is the language of the server operating system, en_us for English, zh_cn for Chinese

Responses

Response samples

Content type
application/json
{
  • "username": "userA",
  • "menuPermissions": [
    ],
  • "resCollectionPermissions": [
    ]
}

Query role menu permissions and resource permissions

Query role menu permissions and resource permissions.
If the amount of returned data is too large, there may be performance problems. It is recommended that the total number of role menu permissions and resource permissions to be queried should not exceed 1000.
When the role code does not exist, the returned result data is 0.

query Parameters
roleCode
required
string <= 50 characters
Example: roleCode=roleCode1

role code

header Parameters
Accept-Language
string <= 8 characters

Internationalized language (depending on the language, return content in different languages), the default is the language of the server operating system, en_us for English, zh_cn for Chinese

Responses

Response samples

Content type
application/json
{
  • "roleCode": "roleCodeA",
  • "menuPermissions": [
    ],
  • "resCollectionPermissions": [
    ]
}