Cybus::User

The Cybus::User resource allows you to create users and, optionally, assign initial permissions.

You can assign user permissions by assigning users to or by directly listing a set of . For better maintainability, using roles is strongly recommended when defining complex permission structures.

The is automatically used as the username for new users.

Username Requirements

Follow these requirements when setting up usernames:

• Minimum length: Three characters

• Allowed characters: Usernames may contain:

  • ASCII letters (both lowercase and uppercase)

  • Numbers

  • Underscore (_)

  • Period (.)

• Pattern: Must follow the regular expression pattern: [a-zA-Z0-9][a-zA-Z0-9_.]*

• Restrictions: Hyphens (-) are not permitted in usernames as they serve as special separators between service IDs and usernames in Connectware's Docker container resource management.

The actual username in the system will be prefixed with the individual (e.g., ServiceID.myUser).

Properties

password

• Is required

• Type: string

• Minimum length: 5 characters

permissions

• Is optional

• Type: object[]; all items must be of the type: object with the following properties:

context

This is the context in which the user permissions for the resource should be interpreted.

• Is required

• Type: enum; the value of this property must be equal to one of the following:

  • mqtt: When describing permissions for MQTT topics.

  • http: When describing permissions for REST API paths.

operation

The allowed access operation to the resource.

• Is required

• Type: enum; the value of this property must be equal to one of the following:

  • read

  • write

  • readWrite

resource

This is the resource path. It can be a RESTful API path or an MQTT topic.

• Is required

• Type: string

roles

• Is optional

• Type: string[]

• All items must be of type: string.

• When referencing roles, you must use the !ref operator to create proper references.

Cybus::User Examples

User with Direct Permissions

myUser:
 type: Cybus::User
  properties:
    password: 'somePassword1'
    permissions:
      - resource: userspace/werner/#
        operation: readWrite
        context: mqtt

User with Role Assignments (Recommended)

# First define a role
operatorRole:
    type: Cybus::Role
    properties:
        permissions:
            - resource: userspace/data/#
              operation: read
              context: mqtt
            - resource: userspace/controls/#
              operation: readWrite
              context: mqtt

# Then assign the role to a user with !ref
productionUser:
    type: Cybus::User
    properties:
        password: 'securePassword123'
        roles:
            - !ref operatorRole