User
m (→cURL example) |
m (→cURL example) |
||
Line 100: | Line 100: | ||
=== cURL example === | === cURL example === | ||
curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation | curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation | ||
+ | |||
+ | |||
+ | == Add project/organisation to the user profile == | ||
+ | |||
+ | === cURL example === | ||
+ | curl -X POST -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' -d 'organisation_uri=ORGANISATION_URI' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation | ||
+ | |||
+ | |||
+ | == Remove project/organisation from the user profile == | ||
+ | |||
+ | === cURL example === | ||
+ | curl -X DELETE -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation/G1 | ||
== GET: Retrieve Studies by User == | == GET: Retrieve Studies by User == |
Revision as of 16:30, 17 January 2012
User |
---|
An User is a REST resource,representing users from SEURAT cluster, or external users. An User is identified by its URI, and may be assigned an LDAP user name. The LDAP user name should be one of the existing ToxBank LDAP accounts and accessible via ToxBank OpenAM. External users may or may not be assigned an LDAP user name.
A Protocol is always associated with a single user, considered its owner, and the protocol representation includes a link to the owner URI. The owner URI should be an user with a valid LDAP user name. The protocol owner is assigned automatically, when the protocol is uploaded by a logged-in user. Non registered users are not allowed to upload protocols.
A Protocol may be associated with one or more users, considered its authors. The protocol representation includes links to the author URIs.
REST interface
GET: Retrieve users
Description | Retrieve list of users |
---|---|
Resource | User |
Method | GET |
URI | /user |
Parameters | none, or ?search=prefix_of_firstname_or_lastname or paging parameters: page, pagesize or ?username=USERNAME |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | The project representation in supported media type |
Media Type (output) | application/rdf+xml;text/n3;text/uri-list |
Status code | 200,400,401,402,403 |
Links: Page, Edit with form
Example: http://toxbanktest1.opentox.org:8080/toxbank/user
cURL example
curl -X GET -H 'Accept:text/uri-list' -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user
curl -X GET -H 'Accept:application/rdf+xml' -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user?search=J
curl -X GET -H 'Accept:application/rdf+xml' -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user?username=guest
curl -X GET -H 'Accept:text/uri-list' -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user?page=0&pagesize=5
GET: Retrieve user details
Description | Retrieve user details |
---|---|
Resource | User |
Method | GET |
URI | /user/{obfuscated_id} |
Parameters | none |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | The user representation in supported media type |
Media Type (output) | application/rdf+xml;text/n3;text/uri-list |
Status code | 200,400,401,402,403 |
Links: Page, Edit with form
cURL example
curl -X GET -H 'Accept:application/rdf+xml' -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U1
POST: Create an User
Description | Creates an user |
---|---|
Resource | User |
Method | POST |
URI | /user |
Parameters | (see the cURL example) |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | application/x-www-form-urlencoded |
Results | Task representation in supported MIME formats |
Media Type (output) | application/rdf+xml;text/n3;text/uri-list |
Status code | 200,202,400,401,402,403,500 |
Example: http://toxbanktest1.opentox.org:8080/toxbank/user
cURL example
curl -X POST -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' \ -d 'username=VALUE' -d 'title=VALUE' -d 'firstname=VALUE' -d 'lastname=VALUE' \ -d 'institute=VALUE' -d 'weblog=VALUE' -d 'homepage=VALUE' http://toxbanktest1.opentox.org:8080/toxbank/user
PUT: Update an user
Description | Updates the user properties |
---|---|
Resource | User |
Method | PUT |
URI | /user/{id} |
Parameters | (see cURL examples) |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | application/x-www-form-urlencoded |
Results | Task representation in supported MIME formats |
Media Type (output) | application/rdf+xml;text/n3;text/uri-list |
Status code | 200,202,400,401,402,403,500 |
cURL example
curl -X PUT -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' \ -d 'username=VALUE' -d 'title=VALUE' -d 'firstname=VALUE' -d 'lastname=VALUE' \ -d 'institute=VALUE' -d 'weblog=VALUE' -d 'homepage=VALUE' http://toxbanktest1.opentox.org:8080/toxbank/user
DELETE: Delete an user
Description | Removes an existing user |
---|---|
Resource | User |
Method | DELETE |
URI | /user/{id} |
Parameters | none |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | Task representation in supported MIME formats |
Media Type (output) | application/rdf+xml;text/n3;text/uri-list |
Status code | 200,202,400,401,402,403,500 |
cURL example
curl -X DELETE -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2
GET: Retrieve Protocols by User
Same as API_Protocol:RetrieveList, but filtered by the user.
Description | Retrieves list of protocols, including metadata, filtered by the user |
---|---|
Resource | User |
Method | GET |
URI | /user/{obfuscated_id}/protocols |
Parameters | TBD , search parameters to query/filter protocols |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | List of protocols in supported MIME formats |
Media Type (output) | text/uri-list, RDF, JSON, XML |
Status code | 200, 400, 401, 402, 403 |
Links: Page, Edit with form
cURL example
curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/protocol
GET: Retrieve Projects by User
cURL example
curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/project
GET: Retrieve Organisation by User
cURL example
curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation
Add project/organisation to the user profile
cURL example
curl -X POST -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' -d 'organisation_uri=ORGANISATION_URI' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation
Remove project/organisation from the user profile
cURL example
curl -X DELETE -H 'subjectid:TOKEN' -H 'Content-Type:application/x-www-form-urlencoded' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/organisation/G1
GET: Retrieve Studies by User
Same as API_Study:RetrieveList, but filtered by the user.
Description | Retrieves list of studies, including metadata, filtered by the user |
---|---|
Resource | User |
Method | GET |
URI | /user/{obfuscated_id}/study |
Parameters | TBD , search options to query/filter studies |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | List of studies in supported Media Type formats |
Media Type (output) | text/uri-list, RDF, JSON, XML |
Status code | 200,400,401,402,403 |
Links: Page, Edit with form
GET: Retrieve alerts by User
Description | Retrieves list of alerts, filtered by the user |
---|---|
Resource | User |
Method | GET |
URI | /user/{obfuscated_id}/alerts |
Parameters | TBD , search options to query/filter alerts |
Header Parameters | subjectid:SECURITY-TOKEN |
Media Type (input) | none |
Results | List of alerts in supported Media Type formats |
Media Type (output) | text/uri-list;application/rdf+xml;text/n3 |
Status code | 200,400,401,402,403 |
Links: Page, Edit with form
cURL example
curl -X GET -H 'subjectid:TOKEN' http://toxbanktest1.opentox.org:8080/toxbank/user/U2/alert
Security
Only a logged in user is allowed to modify content under its URI /user/{id}
Q: what part of the information should be visible to others? e.g. to display authors? Everything except LDAP username?
Only an admin user allowed to create new users at /user
Registered users
Should have URI in Toxbank system, and assigned LDAP username. LDAP/OpenAM backend to be synced with the User service.
Non-registered users
Could have an user URI in Toxbank system, but not LDAP username
RDF representation
RDF N3 example: User.full.n3
This RDF representation is automatically generated by the latest version of the Toxbank Java client library
HasOperation | RetrieveList +, Details +, RetrieveProtocols +, RetrieveStudies + and RetrieveAlerts + |