zhangyue
8d1d100b18
Reviewed-by: Miskanin, Jan <jan.miskanin@t-systems.com> Reviewed-by: Sabelnikov, Dmitriy <dmitriy.sabelnikov@t-systems.com> Co-authored-by: zhangyue <zhangyue164@huawei.com> Co-committed-by: zhangyue <zhangyue164@huawei.com>
26 KiB
Creating a Permission Rule
Function
This API is used to create a permission rule.
URI
POST /v1/{project_id}/sfs-turbo/shares/{share_id}/fs/perm-rules
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
project_id |
Yes |
String |
Project ID |
share_id |
Yes |
String |
File system ID |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
Account token |
Content-Type |
Yes |
String |
MIME type |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
rules |
Yes |
Array of Table 4 objects |
Permission rule details. A maximum of five rules can be created at a time. |
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
rw_type |
Yes |
String |
Read/write permission of the object to be authorized. The value can be rw (read and write permission), ro (read only permission), or none (no access permission). The default value is rw. |
user_type |
Yes |
String |
File system access permission granted to the user of the object to be authorized. The value can be no_root_squash, root_squash, or all_squash. Value no_root_squash allows the root user on the client to access the file system as root. Value root_squash allows the root user on the client to access the file system as nfsnobody. Value all_squash allows any user on the client to access the file system as nfsnobody. |
ip_cidr |
Yes |
String |
IP address or IP address range of the object to be authorized |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
|---|---|---|
rules |
Array of Table 6 objects |
Permission rule details |
Parameter |
Type |
Description |
|---|---|---|
id |
String |
Permission rule ID |
ip_cidr |
String |
IP address or IP address range of the authorized object |
rw_type |
String |
Read/write permission of the authorized object. The value can be rw (read and write permission), ro (read only permission), or none (no access permission). The default value is rw. |
user_type |
String |
File system access permission granted to the user of the authorized object. The value can be no_root_squash, root_squash, or all_squash. Value no_root_squash allows the root user on the client to access the file system as root. Value root_squash allows the root user on the client to access the file system as nfsnobody. Value all_squash allows any user on the client to access the file system as nfsnobody. |
Status code: 400
Parameter |
Type |
Description |
|---|---|---|
errCode |
String |
Error code Minimum length: 8 characters Maximum length: 36 characters |
errMsg |
String |
Error message Minimum length: 2 characters Maximum length: 512 characters |
Status code: 500
Parameter |
Type |
Description |
|---|---|---|
errCode |
String |
Error code Minimum length: 8 characters Maximum length: 36 characters |
errMsg |
String |
Error message Minimum length: 2 characters Maximum length: 512 characters |
Example Request
{
"rules" : [ {
"ip_cidr" : "192.168.0.0/16",
"rw_type" : "rw",
"user_type" : "no_root_squash"
}, {
"ip_cidr" : "192.32.0.0/16",
"rw_type" : "rw",
"user_type" : "no_root_squash"
} ]
}
Example Response
{
"rules": [
{
"id": "2be0cc3d-cf1e-49d5-bce3-83e91e32ff42",
"ip_cidr": "*",
"rw_type": "rw",
"user_type": "no_root_squash"
},
{
"id": "d56a5130-6744-4a64-866b-9dc259f5a64c",
"ip_cidr": "192.32.0.0/16",
"rw_type": "ro",
"user_type": "no_root_squash"
}
],
"count": 2
}
Status code: 200
Successful creation
Status code: 400
Error response
{
"errCode" : "SFS.TURBO.0001",
"errMsg" : "Rules not allowed empty"
}
Status code: 500
Error response
{
"errCode" : "SFS.TURBO.0005",
"errMsg" : "Internal server error"
}
Status Codes
Status Code |
Description |
|---|---|
200 |
Successful creation |
400 |
Error response |
500 |
Error response |