.. _user/services/structure/resources/user: *********** Cybus::User *********** This resource creates a *user* and optionally assigns initial permissions. See also :ref:`user management`. The permissions for this user can be specified by assigning this user to some `roles`_ (preferred) or by directly listing a set of `permissions`_. The identifier of the resource is also automatically taken as the *username* for the new user. The *username* must be at least 3 characters long. .. note: the definition of the minimum length can be found in .. auth-server/src/models/user/index.js and auth-server/src/swagger/swagger.yaml Properties ========== ============== ============ ============ Property Type Required ============== ============ ============ `password`_ ``string`` **Required** `permissions`_ ``object[]`` Optional `roles`_ ``string[]`` Optional ============== ============ ============ password -------- - is **required** - type: ``string``; must be minimum length: 5 characters .. note: the definition of the minimum length can be found in .. auth-server/src/models/user/index.js and auth-server/src/swagger/swagger.yaml permissions ----------- The list of permissions for this user. It is suggested to not use this property directly, but rather defining :ref:`user/services/structure/resources/role` resources with the list of the actual permissions, and adding those role(s) to the `roles`_ property here. - is optional - type: ``object[]``; all items must be of the type: ``object`` with following properties: ============= ====== ============ Property Type Required ============= ====== ============ `context`_ string **Required** `operation`_ string **Required** `resource`_ string **Required** ============= ====== ============ context ^^^^^^^ The context in which the user permissions for the resource should be interpreted. - is **required** - type: ``enum``; the value of this property **must** be equal to one of the below: - ``mqtt`` when describing permissions for MQTT topics - ``http`` when describing permissions for REST API paths operation ^^^^^^^^^ The allowed access operation to the resource. - is **required** - type: ``enum``; the value of this property **must** be equal to one of the below: - ``read`` - ``write`` - ``readWrite`` resource ^^^^^^^^ Resource path. Can be REST-ful API path or MQTT topic. - is **required** - type: ``string`` roles ----- The list of :ref:`user/services/structure/resources/role` identifiers for this user, which describe the actual permissions. This is the suggested way of specifying actual permissions. - is optional - type: ``string[]`` - All items must be of the type: ``string`` .. _password: #password .. _permissions: #permissions .. _roles: #roles Example ======= .. code-block:: yaml :linenos: myUser: type: Cybus::User properties: password: 'somePassword1' permissions: - resource: userspace/werner/# operation: readWrite context: mqtt