Defines management of authentication tokens. Some API calls may be used only with a valid auth_token parameter. Otherwise the API calls will result into a denied access response. A value which is valid for an auth_token is the logged user's session ID. The session ID can be fetched by SK.Singletons.env.get( 'session_id' ).
access.add
- auth_token
- name
- extra - specifies database permissions for the current token. The tokens can be related to the following groups of API calls:
1. Database operations (db.*). The structure is the following:
{ "db_permissions": [ { "databases": [ "", "", ... ], /* If this is ['*'] then it applies to all databases owned by the user */ "permissions": { /* At least one of the possible permission flags below should be available */ "get": <0 or 1>, /* Read data */ "update": <0 or 1>, /* Update cells */ "add": <0 or 1>, /* Add rows, columns, databases */ "remove": <0 or 1>, /* Remove rows, columns, databases */ "alter": <0 or 1> /* Change database components' meta information — adding/updating/removing databases/virtual databases/columns */ } }, { "databases": [ "<....>", "<...>", ... ], "permissions": { ... } }, ... ] } |
2. Stock images (site.stock_images.*). The structure is the following:
{ "stock_images": "0" or "1" // "1" means "enabled" } |
Adds a new authentication token for the user who owns the passed auth_token. If a database ID exists on several places in the "databases" array, the permissions are overlapped in the order the database ID exists.
Returns a hash with information about the token:
{ "id": "", "token": "", "name": "", "extra": {...the information you've placed...} } |
access.get
- auth_token
- token_id - the "id" of the token
Returns information about the given token_id.
Returns a hash like access.add.
access.get_all
- auth_token
Returns all authentication tokens for the owner of the auth_token.
Returns an array of hashes. Each of the hash structures has the same structure as the returned value of access.add.
access.update
- auth_token
- token_id
- meta — a hash with the following keys (at least one of them should exist) — name, extra. The semantic of the values for these keys is the same as for access.add
Updates the meta information of a given token.
Returns the same as for access.add
access.remove
- auth_token
- token_id
Removes a given token by its ID.
Returns only error code.