Versions Compared

Old Version 5

changes.mady.by.user ravinder kumar

Saved on

compared with

New Version 6

changes.mady.by.user ravinder kumar

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Expand
titleAPI to get meta data + datasets

Proposed response structure - to get meta + datasets.

Success Scenario - Status Code 200

Code Block
languagejson
{
    "id": "api.report.read",
    "ver": "string",
    "ts": "timestamp",
    "params": {
      "resmsgid": "string",
      "msgid": "string",
      "status": "success",
      "err": "string",
      "errmsg": "string"
    },
    "responseCode": "OK",
    "result": {
        "metadata": {... similar to above API},
        "datasets": {
            "dataset_one_example": {
                "isParameterized": true,
                "parameters": ["$state"],
                "data": {
                    "rj": {
                        "signedUrl": "url"
                    },
                    "tn": {
                        "signedUrl": "url"
                    },
                }
    "...otherParameters": {
           },             "dataset_two_examplesignedUrl": {"url"
                "isParameterized": false,   }
             "parameters": null,  }
            },
 "data": {          "dataset_two_example": {
         "default": {        "isParameterized": false,
                "signedUrlparameters": "url"null,
                "data": {
  }                 } "default": {
          }         }     }
}
Error Response
Unauthorized Access - Status Code 401
Code Block
{
    "id"signedUrl": "api.report.read",url"
     "ver": "v1",     "ts": "timestamp",     "params": {   }
         "resmsgid": null,      }
  "msgid": "string",         "err": "UNAUTHORIZED_USER",}
        }
"status": "UNAUTHORIZED_USER",   }
}


Error Response

Unauthorized Access - Status Code 401

Code Block
languagejson
{
    "errmsgid": "You are not authorized."api.report.read",
    }"ver": "v1",
    "responseCodets": "UNAUTHORIZEDtimestamp",
    "resultparams": {}
}
Internal Server Error - Status Code - 500
Code Block
{
        "idresmsgid": "api.report.read"null,
  "ver": "v1",      "tsmsgid": "timestampstring",
  "params": {     "resmsgiderr": null"UNAUTHORIZED_USER",
    "msgid": "string",     "errstatus": "stringUNAUTHORIZED_USER",
    "status": "SERVER_ERROR",     "errmsg": "string"You are not authorized."
    },
    "responseCode": "SERVER_ERRORUNAUTHORIZED",
    "result": {}
}


Invalid Report Id Internal Server Error - Status Code 404- 500

Code Block
languagejson
{
  "id": "api.report.read",
  "ver": "v1",
  "ts": "1.0.0timestamp",
  "params": {
    "resmsgid": "string"null,
    "msgid": null"string",
    "statuserr": "failedstring",
    "errstatus": null"SERVER_ERROR",
    "errmsg": "no report foundstring"
  },
  "responseCode": "stringSERVER_ERROR",
  "result": {}
}

Access Controls

...

visibility :

  • Type - string

  • Enum - [ Public, private ]

  • Description - Validates the visibility of the report whether it’s public or private

...

authorizedRoles:

  • Type - [string] or string

  • Description - Roles authorized to read the report

...

tenant :

  • Type - [string] or string

  • Description - tenants authorized to read the report.

showOnDashboard:

...

Type - boolean

...

Default: true

...


Invalid Report Id - Status Code 404

Code Block
languagejson
{
  "id": "api.report.read",
  "ver": "1.0.0",
  "params": {
    "resmsgid": "string",
    "msgid": null,
    "status": "failed",
    "err": null,
    "errmsg": "no report found"
  },
  "responseCode": "string",
  "result": {}
}

...

Access Control Spec

  • Controls who can access a report based on certain rules.

  • This can be achieved using two attributes visibility and accessPath.

Visibility

It can be defined both at the report level or it's children (i.e table, chart, map etc ) within a report.

Visibility

Access

public (default)

Accessible by all users. Anyone can discover and consume these Reports.

protected

Accessible only to a limited set of users based on a criteria.

Default can be users belonging to the same organisation or tenant etc.

private

Similar to “protected” - accessible only to a limited set of users defined by the “access path” attribute.

parent

Accessible only from within the parent object, i.e access to the users is based on the visibility of the parent object.

Can be defined at chart, table or map defined within a parent report.

AccessPath

This attribute is applicable for Reports with “protected” or “private” visibility only. This attribute can be used to restrict the access based on or more of the following criteria: organisation, role, group, user id, and location.

AccessPath interface is as follows :-
**Note - All keys are optional.

Code Block
languagejson
interface IAccessPath {
  organisation: Array<string> | string;
  role: Array<string> | string;
  tenant: Array<string> | string;
  channel: Array<string> | string;
  group: Array<string> | string;
  userType: Array<string> | string;
  framework: Array<string> | string;
  isSuperAdmin: Array<string> | string;
  board: Array<string> | string;
  userId: Array<string> | string;
  userLocation: {
    state: Array<string> | string;
    district: Array<string> | string;
    block: Array<string> | string;
  };
  ...anyOtherAttribute: any
}

...

Resources

...