Changes between Version 2 and Version 3 of NewTestbedAPISpec


Ignore:
Timestamp:
Jun 26, 2013 6:16:48 PM (11 years ago)
Author:
faber
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • NewTestbedAPISpec

    v2 v3  
    5757[http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/api/Users.html javadoc for Users]
    5858
     59=== Authentication ===
     60
    5961A user can authenticate to the testbed and receive a short-lived client x.509 certificate by requesting a challenge using the {{{requestChallenge}}} operation and responding to the challenge via the {{{challengeResponse}}} operation.
    6062
     
    7981  * Certificate - a binary string containing a PEM-encoded X.509 certificate and private key. (Passed down the encrypted connection)
    8082
     83=== Profile Manipulation ===
    8184
     85DETER keeps metadata about each user called a profile.  The API provides an authenticated user with several interfaces to query and modify their profile information.
    8286
     87In the API each element of profile data is represented as a structure with the following data in it:
    8388
     89 * name of the element
     90 * type of the element
     91  * string
     92  * integer
     93  * double
     94  * binary/opaque
     95 * value(s) of the element
     96 * a flag set if the element is optional
     97 * A flag set if the field can be removed from the profile
     98 * a modification type: elements may be read/write, read-only (e.g., username) or write-only (e.g., password)
     99 * a brief description of the field, intended to be presented by a web interface or other third party program
     100
     101To get a profile schema, for example to create an empty web page,
     102
     103 * '''Service:''' Users
     104 * '''Operation:''' getProfileDescription
     105 * '''Input Parameters:'''
     106 * '''Return Values:'''
     107   * Uid - always empty
     108   * A list of profile elements each containing
     109     * Name - a string, the element's name
     110     * DataType - a string giving the element's
     111       * string
     112       * integer
     113       * double
     114       * binary/opaque
     115     * StringValue - a string containing the element's value, unless it is binary/opaque
     116     * BinaryValue - a byte string containing the element's value if it is binary/opaque
     117     * Access - a 32-bit integer describing the access values (values at [http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/user/UserAttribute.html Attribute's javadoc])
     118       * READ_WRITE
     119       * READ_ONLY
     120       * WRITE_ONLY (e.g., password)
     121     * Optional - a flag true if the field is optional (must be present but may be empty)
     122     * Removable - a flag true if the field can be removed
     123     * Description - a string explaining the field
     124
     125To read a user's profile (generally only users can read their own profile).
     126
     127 * '''Service:''' Users
     128 * '''Operation:''' getProfileDescription
     129 * '''Input Parameters:'''
     130  * userid - a string naming the user to be retrieved
     131 * '''Return Values:'''
     132   * Userid - the user whose profile is returned
     133   * A list of profile elements each containing
     134     * Name - a string, the element's name
     135     * DataType - a string giving the element's
     136       * string
     137       * integer
     138       * double
     139       * binary/opaque
     140     * StringValue - a string containing the element's value, unless it is binary/opaque
     141     * BinaryValue - a byte string containing the element's value if it is binary/opaque
     142     * Access - a 32-bit integer describing the access values (values at [http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/user/UserAttribute.html Attribute's javadoc])
     143       * READ_WRITE
     144       * READ_ONLY
     145       * WRITE_ONLY (e.g., password)
     146     * Optional - a flag true if the field is optional (must be present but may be empty)
     147     * Removable - a flag true if the field can be removed
     148     * Description - a string explaining the field
     149
     150Finally a user can modify a profile:
     151 
     152 * '''Service:''' Users
     153 * '''Operation:''' getProfileDescription
     154 * '''Input Parameters:'''
     155   * Userid - the user's profile to modify
     156   * A list of change requests. Each request contains
     157     * Name - the name of the field to change
     158     * StringValue - the new value of the field if this is not an opaque/binary field
     159     * BinaryValue - the new value of the field if this is an opaque/binary field
     160     * Delete - a flag, if true delete the field rather than modify it
     161 * '''Return Values:'''
     162   * A list of responses each containing
     163    * Name - astring with the name of the field
     164    * Success - a flag indicating if the request succeeded
     165    * Reason - a string indicating the reason if Success is false
     166
     167=== Creation ===
     168
     169Finally a user can request access to the testbed by creating a profile.  The user has no privileges and consumes minimal resources until they join a vetted project.  This is an unauthenticated call, but the user profile is not created until an automated e-mail exchange is made between the testbed and the proto-user.
     170
     171 * '''Service:''' Users
     172 * '''Operation:''' getProfileDescription
     173 * '''Input Parameters:'''
     174   * Userid - the requested userid
     175   * A list of profile elements each containing
     176     * Name - a string, the element's name
     177     * StringValue - a string containing the element's value, unless it is binary/opaque
     178 * '''Return Values:'''
     179  * None
     180
     181Note that all non-optional fields must be provided, so this is best preceeded by a call to getProfileDescription to learn the fields.