Merge branch 'docs/cleanup-4.8'

Evolveum · Mar 7, 2024 · 16a146a · 16a146a
2 parents 6dd3b75 + b5d87b8
commit 16a146a
Show file tree

Hide file tree

Showing 9 changed files with 751 additions and 99 deletions.
diff --git a/docs/interfaces/rest/endpoints/users.adoc b/docs/interfaces/rest/endpoints/users.adoc
@@ -87,8 +87,10 @@ include::../operations/examples/raw/user-pwd-generate.adoc[]
 == Common Use-case Examples
 
 1. xref:/midpoint/reference/interfaces/rest/operations/examples/create-user/[Create User]
-2. xref:/midpoint/reference/interfaces/rest/operations/examples/get-user-unique-id/[Get user based on his unique identificator]
-3. xref:/midpoint/reference/interfaces/rest/operations/examples/get-user-self/[Get Users Data with Direct and Indirect assignments]
+2. xref:/midpoint/reference/interfaces/rest/operations/examples/get-user-unique-id/[Get User Based on his unique identificator]
+3. xref:/midpoint/reference/interfaces/rest/operations/examples/get-user-self/[Get Users data with direct and indirect assignments]
+4. xref:/midpoint/reference/interfaces/rest/operations/examples/access-request/[User access request]
+5. xref:/midpoint/reference/interfaces/rest/operations/examples/access-request-review/[Access request review]
 
 == UserType JSON Example
 

diff --git a/docs/interfaces/rest/index.adoc b/docs/interfaces/rest/index.adoc
@@ -70,24 +70,34 @@ addition of a *request header*.
 "Content-Type: application/json"
 ----
 
+The following are examples of the content type:
+
 .*Content examples*
 [source,xml]
 ----
 <q:query xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3">
-    <!-- empty query = return all records -->
+    <q:filter>
+        <q:text>name startsWith "a"</q:text>
+    </q:filter>
 </q:query>
 ----
 
 [source,json]
 ----
 {
-  "query" : ""
+  "query": {
+    "filter": {
+      "text": "name startsWith \"a\""
+    }
+  }
 }
 ----
 
 [source,yaml]
 ----
-query: "\n    \n"
+query:
+  filter:
+    text: "name startsWith \"a\""
 ----
 
 ==== Reply ("Accept") Content Types
@@ -108,28 +118,26 @@ You could have multiple different types of output format:
 .*Reply content type examples*
 [source,xml]
 ----
-<t:object xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3" xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:apti="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3" xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3" xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
- xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
- xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
- xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="apti:ObjectListType">
-    <apti:object oid="a9885c61-c442-42d8-af34-8182a8653e3c" version="" xsi:type="c:UserType">
-        <name>Jack</name>
+<t:object xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
+xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+xmlns:apti="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
+xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
+xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+xsi:type="apti:ObjectListType">
+
+    <apti:object oid="6506b8f0-9e34-4197-bba1-bd1f75820f12" version="1" xsi:type="c:UserType">
+        <name>adam</name>
         <metadata/>
         <operationExecution/>
-        <assignment/>
         <iteration>0</iteration>
         <iterationToken/>
-        <roleMembershipRef/>
-        <linkRef oid="062ac29f-f296-4824-aeab-9a0feb9e8bd3" relation="org:default" type="c:ShadowType"/>
         <activation/>
-        <emailAddress>jacko@evolveum.com</emailAddress>
-        <credentials/>
-        <givenName>Jack</givenName>
-        <familyName>Sparrow</familyName>
     </apti:object>
-    <apti:object oid="00000000-0000-0000-0000-000000000002" version="" xsi:type="c:UserType">
+    <apti:object oid="00000000-0000-0000-0000-000000000002" version="905" xsi:type="c:UserType">
         <name>administrator</name>
         <description>Description parameter modified via REST</description>
         <metadata/>
@@ -149,56 +157,47 @@ You could have multiple different types of output format:
     </apti:object>
 </t:object>
 
+
 ----
 
 [source,json]
 ----
 {
-	"@ns": "http://prism.evolveum.com/xml/ns/public/types-3",
-	"object": {
-		"@type": "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType",
-		"object": [
-			{
-				"@type": "c:UserType",
-				"oid": "a9885c61-c442-42d8-af34-8182a8653e3c",
-				"version": "",
-				"name": "Jack",
-				"metadata": {},
-				"operationExecution": [],
-				"assignment": [],
-				"iteration": 0,
-				"iterationToken": "",
-				"roleMembershipRef": [],
-				"linkRef": {},
-				"activation": {},
-				"emailAddress": "jacko@evolveum.com",
-				"credentials": {},
-				"givenName": "Jack",
-				"familyName": "Sparrow"
-			},
-			{
-				"@type": "c:UserType",
-				"oid": "00000000-0000-0000-0000-000000000002",
-				"version": "",
-				"name": "administrator",
-				"description": "Description parameter modified via REST",
-				"metadata": {},
-				"operationExecution": [],
-				"indestructible": true,
-				"assignment": [],
-				"iteration": 0,
-				"iterationToken": "",
-				"archetypeRef": {},
-				"roleMembershipRef": [],
-				"activation": {},
-				"credentials": {},
-				"behavior": {},
-				"fullName": "midPoint Administrator",
-				"givenName": "midPoint",
-				"familyName": "Administrator"
-			}
-		]
-	}
+  "@ns" : "http://prism.evolveum.com/xml/ns/public/types-3",
+  "object" : {
+    "@type" : "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3#ObjectListType",
+    "object" : [ {
+      "@type" : "c:UserType",
+      "oid" : "6506b8f0-9e34-4197-bba1-bd1f75820f12",
+      "version" : "1",
+      "name" : "adam",
+      "metadata" : {},
+      "operationExecution" : {},
+      "iteration" : 0,
+      "iterationToken" : "",
+      "activation" : {}
+    }, {
+      "@type" : "c:UserType",
+      "oid" : "00000000-0000-0000-0000-000000000002",
+      "version" : "903",
+      "name" : "administrator",
+      "description" : "Description parameter modified via REST",
+      "metadata" : {},
+      "operationExecution" : [],
+      "indestructible" : true,
+      "assignment" : [],
+      "iteration" : 0,
+      "iterationToken" : "",
+      "archetypeRef" : {},
+      "roleMembershipRef" : [],
+      "activation" : {},
+      "credentials" : {},
+      "behavior" : {},
+      "fullName" : "midPoint Administrator",
+      "givenName" : "midPoint",
+      "familyName" : "Administrator"
+    } ]
+  }
 }
 ----
 
@@ -209,27 +208,17 @@ You could have multiple different types of output format:
 object: !<http://midpoint.evolveum.com/xml/ns/public/common/api-types-3/ObjectListType>
   object:
   - !<http://midpoint.evolveum.com/xml/ns/public/common/common-3/UserType>
-    oid: "a9885c61-c442-42d8-af34-8182a8653e3c"
-    version: ""
-    name: "Jack"
+    oid: "6506b8f0-9e34-4197-bba1-bd1f75820f12"
+    version: "1"
+    name: "adam"
     metadata:
     operationExecution:
-    assignment:
     iteration: 0
     iterationToken: ""
-    roleMembershipRef:
-    linkRef:
-      oid: "062ac29f-f296-4824-aeab-9a0feb9e8bd3"
-      relation: "org:default"
-      type: "c:ShadowType"
     activation:
-    emailAddress: "jacko@evolveum.com"
-    credentials:
-    givenName: "Jack"
-    familyName: "Sparrow"
   - !<http://midpoint.evolveum.com/xml/ns/public/common/common-3/UserType>
     oid: "00000000-0000-0000-0000-000000000002"
-    version: ""
+    version: "907"
     name: "administrator"
     description: "Description parameter modified via REST"
     metadata:
@@ -239,16 +228,14 @@ object: !<http://midpoint.evolveum.com/xml/ns/public/common/api-types-3/ObjectLi
     iteration: 0
     iterationToken: ""
     archetypeRef:
-      oid: "00000000-0000-0000-0000-000000000300"
-      relation: "org:default"
-      type: "c:ArchetypeType"
     roleMembershipRef:
     activation:
     credentials:
     behavior:
     fullName: "midPoint Administrator"
     givenName: "midPoint"
     familyName: "Administrator"
+
 ----
 
 === REST Endpoints
@@ -280,12 +267,13 @@ xref:/midpoint/reference/interfaces/midpoint-client-java/[MidPoint Client Librar
 [#_common_use_cases]
 == Common Use Cases
 
-// TODO add links
-
 1. xref:/midpoint/reference/interfaces/rest/operations/examples/search-objects-filter.adoc[List all users with their profile information.]
 2. xref:/midpoint/reference/interfaces/rest/operations/examples/get-user-unique-id.adoc[Get User with the REST API]
 3. xref:/midpoint/reference/interfaces/rest/operations/examples/create-user.adoc[Create User with the REST API]
-4. xref:/midpoint/reference/interfaces/rest/operations/examples/user-pwd-reset.adoc[Password Reset by Administrator]
+4. xref:/midpoint/reference/interfaces/rest/operations/examples/user-pwd-reset.adoc[Password reset by Administrator]
+5. xref:/midpoint/reference/interfaces/rest/operations/examples/access-request/[User access request]
+6. xref:/midpoint/reference/interfaces/rest/operations/examples/access-request-review/[Access request review]
+
 
 == See Also
 

diff --git a/docs/interfaces/rest/operations/examples/access-request-review.adoc b/docs/interfaces/rest/operations/examples/access-request-review.adoc
@@ -0,0 +1,83 @@
+= Access Request Review
+:page-nav-title: Access Request Review
+:page-display-order: 800
+:page-toc: top
+
+== Description
+
+[NOTE]
+====
+This use-case is only *partially* supported in the current state of the REST api. A "piece of the puzzle" is still missing.
+Please endorse the development of the link:https://support.evolveum.com/projects/midpoint/work_packages/6067/activity[missing functionality] with your midPoint subscription.
+====
+
+The example represents a use-case where an authorized user requested for access (e.g. role assignment request). Now as
+an approver we are capable of listing all open work items assigned to us and choose an approval action.
+The workflow is based on the default "approval" mechanism of midPoint where a specific user is assigned with the 'approver' relation to a role which assignment should be approved by him.
+
+.Authentication methods used to work with the REST api
+xref:/midpoint/reference/interfaces/rest/concepts/authentication/#_basic_authentication[Authentication methods]
+
+== Example
+
+include::../../raw/curl-env-note.adoc[]
+
+For some help regarding the REST examples please see this link:
+
+xref:/midpoint/reference/interfaces/rest/concepts/using-rest-examples.adoc[How to use MidPoint REST examples]
+
+We are following up to the example described in xref:../examples/access-request.adoc[this] documentation article.
+
+1. To be able to read the created work items the user needs to have a set of authorizations approving these actions. (See example)
+2. Execute the search request as the user which wants to review his cases.
+3. Select a specific case and *execute the action* which you would like to take with this case. #not yet implemented, please endorse link:https://support.evolveum.com/projects/midpoint/work_packages/6067/activity[this] improvement#
+
+[NOTE]
+====
+
+Additionally, to the *REST Search Objects* role seen bellow, in out example we also used the
+out-of-the-box "Approver" role which is a part of every midPoint distribution package. The first one supplies
+us with UI authorizations the second with the Model authorizations
+
+====
+
+.*Show* example authorization for *"Search for Open Cases For Specific Reviewer"* | link:https://raw.githubusercontent.com/Evolveum/midpoint-samples/master/samples/roles/role-authz-search-get-rest.xml[GitHub]
+[%collapsible]
+====
+[source, xml]
+----
+<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+        xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3"
+        xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+        xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+        xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        oid="04f5680a-b400-45c1-8522-946f39b6389d"
+        version="1">
+
+    <name>REST Search Objects</name>
+    <description></description>
+    <activation/>
+    <authorization>
+        <name>rest-search</name>
+        <description></description>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-rest-3#searchObjects</action>
+    </authorization>
+    <authorization>
+        <name>rest-search</name>
+        <description></description>
+        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-rest-3#getObject</action>
+    </authorization>
+</role>
+
+----
+====
+
+include::../examples/raw/search-case-open-review.adoc[]
+
+== See Also
+
+- xref:/midpoint/reference/interfaces/rest/concepts/media-types-rest/[Supported Media Types]
+- xref:/midpoint/reference/interfaces/rest/concepts/authentication/[Authentication]