Dream User API, v1

Format is JSON when sending and receiving data. All string fields can contain Unicode in UTF-8 format.

Note

It is possible that the API will change without version number increase if the change does not break backwards compatibility.

Note

Unique identifier fields currently return only autoincremented numbers (0-9), but it is good to be future compatible and think these as strings if the implementation is switched to use UUID.

Organisation

id
string - Unique identifier
name
string - Human readable identifier used in URLs
title
string - Freeform title for the organisation

The organisation is the top level object type. It organizes the users into logical groups. Object types role and group are tied to the organisation.

/organisation/

GET
Returns all objects

/organisation/<id>/

GET
Returns one object by id.

Permission

name
string - Unique identifier for the permission

Permissions are global across all services. When new services are registered to the system they need to define the permissions they provide.

The identifier has three parts separated by dots. Spaces are not allowed. First two dots are used by the UserDB to split the string to three parts. The first part is used by the UserDB to identify which service this permission object belongs to. Last two parts are specified by the service. Last part can contain additional dots.

service
Service name
object
Object type, or model name, or database table or anything similar
action
The action user is taking

User gains permissions from role objects.

Note

User Teppo belongs to organisation kasavuori and has role teacher in that organisation. The role teacher, in kasavuori, has given permission dscms.article.create_article. Now Teppo has permission to add new articles in the CMS service to kasavuori website.

Role

id
string - Unique identifier
name
string - Human readable identifier used in URLs
title
string
organisation
object - Contains all fields specified in the organisation object
permissions
list of objects - Contains all fields specified in the permission object

/role/

GET
Returns all objects

/role/<id>/

GET
Returns one object by id.

/role/organisation/<id>/

GET
Returns all objects by organisation id.

Group

id
string - Unique identifier
name
string - Human readable identifier used in URLs
title
string
organisation
object - Contains all fields specified in the organisation` object

/group/

GET
Returns all objects

/group/<id>/

GET
Returns one object by id.

/group/organisation/<id>/

GET
Returns all objects by organisation id.

User

id
string - Unique identifier
name
string - Human readable identifier used in URLs
username
string - Username user uses to log in to the system
first_name
string - First name of the user
last_name
string - Last name of the user
email
string - Needs to be in proper email format
phone_number
string - Phone number format is specified by Zeecore
locale
string - User locale in the form fi_fi
picture_url
string - Needs to be proper URL
theme_color
string - In hex value, format RRGGBB
roles
list of objects - Contains all fields specified in the role object
permissions
list of objects - Contains all fields specified in the permission object
organisations
list of objects - Contains all fields specified in the organisation object
groups
list of objects - Contains all fields specified in the group object

Note

There are additional fields returned, but they are subject to change without notice.

/user/

GET
Returns all objects

/user/<id>/

GET
Returns one object by id.
PUT
Updates fields in the object. Allowed fields are: first_name, last_name, password, email, phone_number, theme_color, picture_url, groups, roles, and organisations. Fields groups, roles, and organisations should be list of unique identifiers.

/user/organisation/<id>/

GET
Returns all objects by organisation id.

/user/role/<id>/

GET
Returns all objects by role id.

/user/group/<id>/

GET
Returns all objects by group id.