openapi: 3.0.0 info: title: Rbac Authorization Privileges APIs. description: Rbac Authorization Privileges APIs. termsOfService: https://www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/product/vmware-product-guide.pdf contact: name: VMware license: name: Copyright (c) 2020-2021 VMware, Inc. All rights reserved. version: "1.0" servers: - url: /admin/hybridity/api/authz/rbac tags: - name: RbacPrivileges description: Rbac Authorization Privileges Apis paths: /privileges: get: tags: - RbacPrivileges summary: Get all Rbac authorization privileges summary description: This api gives the summary of all the privileges. responses: "200": description: Accepted content: application/json: schema: $ref: '#/components/schemas/privilegesSummary' "401": description: Unauthorized "403": description: Forbidden "500": description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/errorResponse' /privileges/query: post: tags: - RbacPrivileges summary: Get all Rbac authorization privileges details description: Get all Rbac authorization privileges details operationId: getPrivilegesDetails requestBody: description: Filter object. content: application/json: schema: $ref: '#/components/schemas/filter' required: true responses: "200": description: Accepted content: application/json: schema: $ref: '#/components/schemas/privileges' "401": description: Unauthorized "403": description: Forbidden "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/errorResponse' "500": description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/errorResponse' /userPrivileges: get: tags: - RbacUserPrivileges summary: Get all Rbac authorization privileges for the logged in user description: This api gives the summary of all the privileges for the logged in user. operationId: getUserPrivileges responses: "200": description: Accepted content: application/json: schema: $ref: '#/components/schemas/userPrivileges' "401": description: Unauthorized "403": description: Forbidden "500": description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/errorResponse' /userPrivileges/query: post: tags: - RbacPrivileges summary: Get all Rbac authorization privileges for the logged in user based on filters provided. description: Get all Rbac authorization privileges for the logged in user based on filters provided. operationId: queryUserPrivileges requestBody: description: Filter object. content: application/json: schema: $ref: '#/components/schemas/userPrivilegesFilter' required: true responses: "200": description: Accepted content: application/json: schema: $ref: '#/components/schemas/queryPrivilegesResponse' "400": description: Bad Request content: application/json: schema: $ref: '#/components/schemas/errorResponse' "500": description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/errorResponse' components: schemas: privilegesSummary: type: object properties: items: type: array items: $ref: '#/components/schemas/privilegesSummary_items' privileges: type: object properties: items: type: array items: $ref: '#/components/schemas/privileges_items' filter: type: object properties: filter: $ref: '#/components/schemas/filter_filter' userPrivilegesFilter: title: The Root Schema type: object properties: filter: type: array items: $ref: '#/components/schemas/userPrivilegesFilter_filter' queryPrivilegesResponse: type: object properties: items: type: array items: $ref: '#/components/schemas/queryPrivilegesResponse_items' errorResponse: type: object properties: errors: type: array items: $ref: ../../../api-common/swagger/1.0/components/schemas/error.yaml userPrivileges: type: object properties: items: type: array items: type: string privilegesSummary_items: type: object properties: description: type: string id: type: string privilege: type: string enum: - SYSTEM ADMIN - ROLE ADMIN - SYSTEM AUDIT - VIRTUAL INFRASTRUCTURE ADMIN - VIRTUAL INFRASTRUCTURE AUDIT - VIRTUAL INFRASTRUCTURE CONSUME - NETWORK FUNCTION CATALOG DESIGN - NETWORK FUNCTION CATALOG READ - NETWORK FUNCTION CATALOG INSTANTIATE - NETWORK FUNCTION INSTANCE READ - NETWORK FUNCTION INSTANCE LIFECYCLE MANAGEMENT - NETWORK SERVICE CATALOG DESIGN - NETWORK SERVICE CATALOG READ - NETWORK SERVICE CATALOG INSTANTIATE - NETWORK SERVICE INSTANCE READ - NETWORK SERVICE INSTANCE LIFECYCLE MANAGEMENT - PARTNER SYSTEM READ - PARTNER SYSTEM ADMIN - ROLE AUDIT - INFRASTRUCTURE DESIGN - INFRASTRUCTURE LIFECYCLE MANAGEMENT privileges_items: type: object properties: id: type: string description: type: string category: type: string enum: - SYSTEM WIDE - VIRTUAL INFRASTRUCTURE - NETWORK FUNCTION CATALOG - NETWORK SERVICE CATALOG - PARTNER SYSTEM - NETWORK FUNCTION INSTANCE - NETWORK SERVICE INSTANCE - INFRASTRUCTURE accessibleObjects: type: array items: type: string enum: - Network Function Catalog - Network Service Catalog - Network Function Instance - Network Service Instance - Virtual Infrastructure - K8s Cluster Template - K8s Cluster Instance includedPrivileges: type: array items: type: string enum: - SYSTEM ADMIN - ROLE ADMIN - SYSTEM AUDIT - VIRTUAL INFRASTRUCTURE ADMIN - VIRTUAL INFRASTRUCTURE AUDIT - VIRTUAL INFRASTRUCTURE CONSUME - NETWORK FUNCTION CATALOG DESIGN - NETWORK FUNCTION CATALOG READ - NETWORK FUNCTION CATALOG INSTANTIATE - NETWORK FUNCTION INSTANCE READ - NETWORK FUNCTION INSTANCE LIFECYCLE MANAGEMENT - NETWORK SERVICE CATALOG DESIGN - NETWORK SERVICE CATALOG READ - NETWORK SERVICE CATALOG INSTANTIATE - NETWORK SERVICE INSTANCE READ - NETWORK SERVICE INSTANCE LIFECYCLE MANAGEMENT - PARTNER SYSTEM READ - PARTNER SYSTEM ADMIN - ROLE AUDIT - INFRASTRUCTURE DESIGN - INFRASTRUCTURE LIFECYCLE MANAGEMENT privilege: type: string enum: - SYSTEM ADMIN - ROLE ADMIN - SYSTEM AUDIT - VIRTUAL INFRASTRUCTURE ADMIN - VIRTUAL INFRASTRUCTURE AUDIT - VIRTUAL INFRASTRUCTURE CONSUME - NETWORK FUNCTION CATALOG DESIGN - NETWORK FUNCTION CATALOG READ - NETWORK FUNCTION CATALOG INSTANTIATE - NETWORK FUNCTION INSTANCE READ - NETWORK FUNCTION INSTANCE LIFECYCLE MANAGEMENT - NETWORK SERVICE CATALOG DESIGN - NETWORK SERVICE CATALOG READ - NETWORK SERVICE CATALOG INSTANTIATE - NETWORK SERVICE INSTANCE READ - NETWORK SERVICE INSTANCE LIFECYCLE MANAGEMENT - PARTNER SYSTEM READ - PARTNER SYSTEM ADMIN - ROLE AUDIT - INFRASTRUCTURE DESIGN - INFRASTRUCTURE LIFECYCLE MANAGEMENT filter_filter: type: object properties: id: type: array items: type: string roleId: type: array items: type: string userPrivilegesFilter_filter: type: object properties: objectType: type: string enum: - Network Function Catalog - Network Service Catalog - Network Function Instance - Network Service Instance - Virtual Infrastructure - K8s Cluster Template - K8s Cluster Instance objectId: type: array items: type: string queryPrivilegesResponse_items: type: object properties: objectId: type: string objectType: type: string privileges: type: array items: type: string responses: InternalServerError: description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/errorResponse' BadRequest: description: Bad Request content: application/json: schema: $ref: '#/components/schemas/errorResponse' SucessGetResponse: description: Accepted content: application/json: schema: $ref: '#/components/schemas/privilegesSummary' Privileges: description: Accepted content: application/json: schema: $ref: '#/components/schemas/privileges' QueryPrivilegesResponse: description: Accepted content: application/json: schema: $ref: '#/components/schemas/queryPrivilegesResponse' UserPrivileges: description: Accepted content: application/json: schema: $ref: '#/components/schemas/userPrivileges' securitySchemes: x-hm-authorization: type: apiKey description: Obtained from /hybridity/api/session name: x-hm-authorization in: header