5.2.2. Ресурсы Universal sets of permissions

class nextgisweb.resource.scope.ResourceScope[source]

Base set of resource permissions

read = <Permission 'read' in scope 'resource'>

Read: ability to read class, name and key of the resource. Most of the other permissions depend on Read, for example Update, so you can’t change a resource if you can’t read it.

create = <Permission 'create' in scope 'resource'>

Create: a little bit fuzzy rule that is not used currently. The idea was to check Create permission while creating a new resource, but currenty only manage_children permission is checked for child resource. Possibly will have to return to this one as it is impossible to restrict creation of resources with certain types without this rule.

update = <Permission 'update' in scope 'resource'>

Update: change name and key of the resource analogous to read. Doesn’t affect changes to any other attributes.

delete = <Permission 'delete' in scope 'resource'>

Delete: permission to remove this resource. Besides that to really remove a resource one will also need manage_children permission for parent resource.

manage_children = <Permission 'manage_children' in scope 'resource'>

Manage children resources

change_permissions = <Permission 'change_permissions' in scope 'resource'>

Manage permissions

class nextgisweb.resource.scope.MetadataScope[source]

Set of permissions for resource metadata. Typical example of resource metadata - is its description in free form. This description doesn’t affect anything it’s change doesn’t change data structure or anything else. As every resource has description this set of permissions is included for all resources at Resource class level.

read = <Permission 'read' in scope 'metadata'>


write = <Permission 'write' in scope 'metadata'>


class nextgisweb.resource.scope.DataStructureScope[source]

Set of permissions for data structure, for example fields structure of vector layer, its change might lead to change in data itself.

read = <Permission 'read' in scope 'datastruct'>


write = <Permission 'write' in scope 'datastruct'>


class nextgisweb.resource.scope.DataScope[source]

Set of permissions for data access

read = <Permission 'read' in scope 'data'>


write = <Permission 'write' in scope 'data'>


class nextgisweb.resource.scope.ConnectionScope[source]

Set of permissions for external connection parameters. In some cases we need to store access parameters to external resources. These parameters may be sensitive, logins and passwords to access remote DB for example.

class nextgisweb.resource.scope.ServiceScope[source]

Set of permissions for services such as WMS or WFS. This is needed to separate permissions for service parameters and its actual usage. Though if service is using other resources inside, we need to their permissions separately.

connect = <Permission 'connect' in scope 'service'>


configure = <Permission 'configure' in scope 'service'>

Configuration HTTP API

GET /api/resource/{id}

Получить JSON представление ресурса. Для вызова этого метода необходимо как минимум право чтения ресурса.

PUT /api/resource/{id}

Изменить ресурс в соответствии с переданным JSON. Так же необходимо право чтения ресурса.

DELETE /api/resource/{id}

Удалить ресурс.

GET /api/resource/

Выбрать ресурсы и получить JSON.

  • parent (integer) – Идентификатор ресурса-родителя.
POST /api/resource/

Создать ресурс в соответствии с JSON.

  • parent (integer) – Идентификатор ресурса-родителя, так же может быть передан в JSON.
  • cls (string) – Идентификатор класса создаваемого ресурса.