我的书签
添加书签
移除书签> Role object
The following objects are directly related to the role API.
Role
The role object has the following properties:
| Property | Type | Description |
|---|---|---|
| roleid | string | ID of the role. Property behavior: - read-only - required for update operations |
| name | string | Name of the role. Property behavior: - required for create operations |
| type | integer | User type. Possible values: 1 - (default) User; 2 - Admin; 3 - Super admin. Property behavior: - required for create operations |
| readonly | integer | Whether the role is readonly. Possible values: 0 - (default) No; 1 - Yes. Property behavior: - read-only |
Role rules
The role rules object has the following properties:
| Property | Type | Description |
|---|---|---|
| ui | array | Array of the UI element objects. |
| ui.default_access | integer | Whether access to new UI elements is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
| services.read.mode | integer | Read-only access to services. Possible values: 0 - Read-only access to the services, specified by the services.read.list or matched by the services.read.tag properties;1 - (default) Read-only access to all services. |
| services.read.list | array | Array of Service objects. The specified services, including child services, will be granted a read-only access to the user role. Read-only access will not override read-write access to the services. Property behavior: - supported if services.read.mode is set to “0” |
| services.read.tag | object | Array of Service tag object. The tag matched services, including child services, will be granted a read-only access to the user role. Read-only access will not override read-write access to the services. Property behavior: - supported if services.read.mode is set to “0” |
| services.write.mode | integer | Read-write access to services. Possible values: 0 - (default) Read-write access to the services, specified by the services.write.list or matched by the services.write.tag properties;1 - Read-write access to all services. |
| services.write.list | array | Array of Service objects. The specified services, including child services, will be granted a read-write access to the user role. Read-write access will override read-only access to the services. Property behavior: - supported if services.write.mode is set to “0” |
| services.write.tag | object | Array of Service tag object. The tag matched services, including child services, will be granted a read-write access to the user role. Read-write access will override read-only access to the services. Property behavior: - supported if services.write.mode is set to “0” |
| modules | array | Array of the module objects. |
| modules.default_access | integer | Whether access to new modules is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
| api.access | integer | Whether access to API is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
| api.mode | integer | Mode for treating API methods listed in the api property.Possible values: 0 - (default) Deny list; 1 - Allow list. |
| api | array | Array of API methods. |
| actions | array | Array of the action objects. |
| actions.default_access | integer | Whether access to new actions is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
UI element
The UI element object has the following properties:
| Property | Type | Description |
|---|---|---|
| name | string | Name of the UI element. Possible values if type of Role object is set to “User”, “Admin”, or “Super admin”:monitoring.dashboard - Dashboards;monitoring.problems - Monitoring → Problems;monitoring.hosts - Monitoring → Hosts;monitoring.latest_data - Monitoring → Latest data;monitoring.maps - Monitoring → Maps;services.services - Services → Services;services.sla_report - Services → SLA report;inventory.overview - Inventory → Overview;inventory.hosts - Inventory → Hosts;reports.availability_report - Reports → Availability report;reports.top_triggers - Reports → Triggers top 100.Possible values if type of Role object is set to “Admin” or “Super admin”:monitoring.discovery - Monitoring → Discovery;services.sla - Services → SLA;reports.scheduled_reports - Reports → Scheduled reports;reports.notifications - Reports → Notifications;configuration.template_groups - Data collection → Template groups;configuration.host_groups - Data collection → Host groups;configuration.templates - Data collection → Templates;configuration.hosts - Data collection → Hosts;configuration.maintenance - Data collection → Maintenance;configuration.discovery - Data collection → Discovery;configuration.trigger_actions - Alerts → Actions → Trigger actions;configuration.service_actions - Alerts → Actions → Service actions;configuration.discovery_actions - Alerts → Actions → Discovery actions;configuration.autoregistration_actions - Alerts → Actions → Autoregistration actions;configuration.internal_actions - Alerts → Actions → Internal actions.Possible values if type of Role object is set to “Super admin”:reports.system_info - Reports → System information;reports.audit - Reports → Audit log;reports.action_log - Reports → Action log;configuration.event_correlation - Data collection → Event correlation;administration.media_types - Alerts → Media types;administration.scripts - Alerts → Scripts;administration.user_groups - Users → User groups;administration.user_roles - Users → User roles;administration.users - Users → Users;administration.api_tokens - Users → API tokens;administration.authentication - Users → Authentication;administration.general - Administration → General;administration.audit_log - Administration → Audit log;administration.housekeeping - Administration → Housekeeping;administration.proxies - Administration → Proxies;administration.macros - Administration → Macros;administration.queue - Administration → Queue.Property behavior: - required |
| status | integer | Whether access to the UI element is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
Service
| Property | Type | Description |
|---|---|---|
| serviceid | string | ID of the Service. Property behavior: - required |
Service tag
| Property | Type | Description |
|---|---|---|
| tag | string | Tag name. If empty string is specified, the service tag will not be used for service matching. Property behavior: - required |
| value | string | Tag value. If no value or empty string is specified, only the tag name will be used for service matching. |
Module
The module object has the following properties:
| Property | Type | Description |
|---|---|---|
| moduleid | string | ID of the module. Property behavior: - required |
| status | integer | Whether access to the module is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
Action
The action object has the following properties:
| Property | Type | Description |
|---|---|---|
| name | string | Name of the action. Possible values if type of Role object is set to “User”, “Admin”, or “Super admin:edit_dashboards - Create and edit dashboards;edit_maps - Create and edit maps;add_problem_comments - Add problem comments;change_severity - Change problem severity;acknowledge_problems - Acknowledge problems;suppress_problems - Suppress problems;close_problems - Close problems;execute_scripts - Execute scripts;manage_api_tokens - Manage API tokens.Possible values if type of Role object is set to “Admin” or “Super admin”:edit_maintenance - Create and edit maintenances;manage_scheduled_reports - Manage scheduled reports,manage_sla - Manage SLA.Possible values if type of Role object is set to “User” or “Admin”:invoke_execute_now - allows to execute item checks for users that have only read permissions on host.Property behavior: - required |
| status | integer | Whether access to perform the action is enabled. Possible values: 0 - Disabled; 1 - (default) Enabled. |
