Cybus::User

The Cybus::User resource allows you to create users and, optionally, assign initial permissions.

You can assign user permissions by assigning users to roles or by directly listing a set of permissions. For better maintainability, using roles is strongly recommended when defining complex permission structures.

The resource identifier is automatically used as the username for new users.

Username Requirements

Follow these requirements when setting up usernames:

  • Minimum length: Three characters

  • Allowed characters: Usernames may contain:

    • ASCII letters (both lowercase and uppercase)

    • Numbers

    • Underscore (_)

    • Period (.)

  • Pattern: Must follow the regular expression pattern: [a-zA-Z0-9][a-zA-Z0-9_.]*

  • Restrictions: Hyphens (-) are not permitted in usernames as they serve as special separators between service IDs and usernames in Connectware's Docker container resource management.

The actual username in the system will be prefixed with the individual service ID (e.g., ServiceID.myUser).

Properties

Property      Type        Required
password      string      Required
permissions   object[]    Optional
roles         string[]    Optional

password

  • Is required

  • Type: string

  • Minimum length: 5 characters

permissions

This is the list of permissions for this user. We recommend not using this property directly. Instead, define Cybus::Role resources with the list of actual permissions, and add those roles to the roles property.

  • Is optional

  • Type: object[]; all items must be of the type: object with the following properties:

Property    Type      Required
context     string    Required
operation   string    Required
resource    string    Required

context

This is the context in which the user permissions for the resource should be interpreted.

  • Is required

  • Type: enum; the value of this property must be equal to one of the following:

    • mqtt: When describing permissions for MQTT topics.

    • http: When describing permissions for REST API paths.

operation

The allowed access operation to the resource.

  • Is required

  • Type: enum; the value of this property must be equal to one of the following:

    • read

    • write

    • readWrite

resource

This is the resource path. It can be a RESTful API path or an MQTT topic.

  • Is required

  • Type: string

roles

This is the list of Cybus::Role identifiers for this user that describe the actual permissions. This is the recommended way of specifying permissions.

  • Is optional

  • Type: string[]

  • All items must be of type: string.

  • When referencing roles, you must use the !ref operator to create proper references.

Cybus::User Examples

User with Direct Permissions

myUser:
  type: Cybus::User
  properties:
    password: 'somePassword1'
    permissions:
      - resource: userspace/werner/#
        operation: readWrite
        context: mqtt

# First define a role
operatorRole:
    type: Cybus::Role
    properties:
        permissions:
            - resource: userspace/data/#
              operation: read
              context: mqtt
            - resource: userspace/controls/#
              operation: readWrite
              context: mqtt

# Then assign the role to a user with !ref
productionUser:
    type: Cybus::User
    properties:
        password: 'securePassword123'
        roles:
            - !ref operatorRole
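
The username, password, and permission rules above can be checked before a service is installed. The following is an added example, not part of the Connectware documentation or Cybus code; the names lint_user, lint_resources and SAMPLE are hypothetical, and the input is assumed to be an already parsed resources mapping in which each !ref has been resolved to a plain string.

```python
import re

# Rules as stated on this page.
USERNAME_RE = re.compile(r"[a-zA-Z0-9][a-zA-Z0-9_.]*")
ENUMS = {"context": {"mqtt", "http"}, "operation": {"read", "write", "readWrite"}}

def lint_user(name, resource):
    """Return findings for one Cybus::User resource; an empty list means clean."""
    findings = []
    props = resource.get("properties") or {}
    if len(name) < 3:
        findings.append("username: shorter than 3 characters")
    if not USERNAME_RE.fullmatch(name):  # rejects hyphens and a leading '_' or '.'
        findings.append("username: must match [a-zA-Z0-9][a-zA-Z0-9_.]*")
    password = props.get("password")
    if not isinstance(password, str):
        findings.append("password: required string is missing")
    elif len(password) < 5:
        findings.append("password: shorter than 5 characters")
    for i, perm in enumerate(props.get("permissions") or []):
        for key in ("resource", "operation", "context"):
            value = perm.get(key)
            if not isinstance(value, str):
                findings.append(f"permissions[{i}].{key}: required string is missing")
            elif key in ENUMS and value not in ENUMS[key]:
                findings.append(f"permissions[{i}].{key}: {value!r} not allowed")
    if props.get("permissions"):
        findings.append("note: direct permissions used; roles are recommended")
    return findings

def lint_resources(resources):
    """Lint every Cybus::User in a parsed resources mapping, skipping other types."""
    return {name: lint_user(name, res) for name, res in resources.items()
            if res.get("type") == "Cybus::User"}

# Constructed sample input (not from the page): one clean user, one with
# a hyphenated name, a short password and an operation outside the enum.
SAMPLE = {
    "operatorRole": {"type": "Cybus::Role", "properties": {"permissions": []}},
    "productionUser": {"type": "Cybus::User", "properties": {
        "password": "securePassword123", "roles": ["operatorRole"]}},
    "line-1": {"type": "Cybus::User", "properties": {
        "password": "abc", "permissions": [
            {"resource": "userspace/data/#", "operation": "subscribe", "context": "mqtt"}]}},
}

if __name__ == "__main__":
    for user, problems in lint_resources(SAMPLE).items():
        print(user, "->", problems or "ok")
```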
