ACLs (Access Control Lists)¶
Access Control Lists (ACLs) can be used to grant permissions to another user to manage your resources. For example it is possible to permit another user to start or stop your servers or to allow another user to connect their servers to your private network (VLAN).
Permissions can be granted on servers, drives, network resources, and firewall policies. All of these resources support
LIST
and EDIT
permissions, which respectively allow the grantee to see the resources when listing them and to
edit resources. When a user is granted a LIST
permission, this resource appears in the grantee’s resource list. For
example granting LIST
on a drive will make it appear in the list with grantees drives, when they make a GET request
to /drives. Own resources can be differentiated from granted resources, by the owner
field.
Some resources have additional permissions. Drives have ATTACH
permission which allows another user to use the
drive on their server. IPs, VLANs, and Firewall policies have ATTACH
which will allow another user to assign these
network resource to NICs on their server. Servers have START
and STOP
, OPEN_VNC
permissions which allow
another user to start or stop the server, or to open the server console through VNC. Note that ACLs may contain
permissions that are not directly applicable on some resources, for example it is possible to to have STOP
permission in an ACL on tag which refers only to drives. Drives and servers support CLONE
permission, which allows
cloning them to the grantee account. Note that in order to clone someone else’s server, you need CLONE
permission
on both the owner’s server, and on the attached non-cdrom drives. For cdrom drives, the user will need a ATTACH
permission. The table below summarizes the permissions applicable to each resource:
Resource | Permissions |
---|---|
Server | LIST EDIT CLONE START STOP OPEN_VNC |
Drive | LIST EDIT CLONE ATTACH |
IP, VLAN, Firewall Policy | LIST EDIT ATTACH |
ACLs are granted on tags, and apply for all the tagged resources. One ACL can be attached to multiple tags, and will apply to the set of all resources tagged by these tags. It is also possible to have multiple ACLs on a tag, in which case the permissions on the tagged resources are the combination of all ACLs rules.
Each ACL can have one or more grantee users. Each ACL object has a list of rules, which specify what permission are given by the ACL.
Permissions are not transferable to third parties, i.e. if you grant permission to someone, they can’t grant it to a third user. Only owners can grant permissions.
Allowed HTTP methods¶
Method | Description |
---|---|
GET | get / list object/s |
POST | create new object/s |
PUT | update / modify object/s |
DELETE | delete object/s |
Note
See RFC 2616#section-9 for more details on HTTP methods semantics
Listing¶
-
GET
/acls/
¶
Gets the list of ACLs defined by the authenticated user.
statuscode 200: | no error |
---|
Example request:
GET /api/2.0/acls/?limit=0 HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
Example response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"meta": {
"limit": 0,
"offset": 0,
"total_count": 3
},
"objects": [
{
"grantees": [
{
"email": "user2@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
}
],
"meta": {},
"name": "shared_acl",
"owner": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"resource_uri": "/api/2.0/acls/d29837e8-27ea-46e8-8b46-843d0df50a82/",
"rules": [
{
"permission": "ATTACH"
},
{
"permission": "OPEN_VNC"
},
{
"permission": "LIST"
},
{
"permission": "EDIT"
},
{
"permission": "DELETE"
},
{
"permission": "START"
},
{
"permission": "STOP"
},
{
"permission": "CLONE"
}
],
"tags": [],
"uuid": "d29837e8-27ea-46e8-8b46-843d0df50a82"
},
{
"grantees": [
{
"email": "user2@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
}
],
"meta": {},
"name": "shared_acl",
"owner": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"resource_uri": "/api/2.0/acls/58aa5d82-e890-44db-8cb8-fe3a2f159320/",
"rules": [
{
"permission": "ATTACH"
},
{
"permission": "OPEN_VNC"
},
{
"permission": "LIST"
},
{
"permission": "EDIT"
},
{
"permission": "DELETE"
},
{
"permission": "START"
},
{
"permission": "STOP"
},
{
"permission": "CLONE"
}
],
"tags": [],
"uuid": "58aa5d82-e890-44db-8cb8-fe3a2f159320"
},
{
"grantees": [],
"meta": {},
"name": "test_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/",
"rules": [],
"tags": [],
"uuid": "adf048e8-5445-47cf-a09c-fc3cfb2c823f"
}
]
}
List Single ACL¶
-
GET
/acls/
(uuid: acl_uuid)/
¶
Gets detailed information for an ACL identified by acl_uuid.
statuscode 200: | no error |
---|
Example request:
GET /api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
Example response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"grantees": [
{
"email": "user@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"meta": {},
"name": "test_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"resource_uri": "/api/2.0/tags/5a9e6f2b-7927-4f30-88b5-0cc939208549/",
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
],
"uuid": "adf048e8-5445-47cf-a09c-fc3cfb2c823f"
}
Creating¶
-
POST
/acls/
¶
Creates a new ACL.
statuscode 201: | object created |
---|
Example request:
POST /api/2.0/acls/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"grantees": [],
"name": "test_acl",
"rules": [],
"tags": []
}
]
}
Example response:
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"grantees": [],
"meta": {},
"name": "test_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/",
"rules": [],
"tags": [],
"uuid": "adf048e8-5445-47cf-a09c-fc3cfb2c823f"
}
]
}
It is possible to define the grantees, tags and rules at creation time. Just specify their UUIDs the grantees list:
Example request:
POST /api/2.0/acls/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"grantees": [
{
"email": "user@example.com",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"name": "test_with_grantees",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
]
}
]
}
Example response:
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"grantees": [
{
"email": "user@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"meta": {},
"name": "test_with_grantees",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/49134280-55ed-4f4e-815c-85c6dd3ab322/",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"resource_uri": "/api/2.0/tags/5a9e6f2b-7927-4f30-88b5-0cc939208549/",
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
],
"uuid": "49134280-55ed-4f4e-815c-85c6dd3ab322"
}
]
}
Editing¶
-
PUT
/acls/{uuid}/
¶
Edits an ACL.
statuscode 200: | no error |
---|
Example request:
PUT /api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"grantees": [
{
"email": "user@example.com",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"meta": {},
"name": "test_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
],
"uuid": "adf048e8-5445-47cf-a09c-fc3cfb2c823f"
}
Example response:
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"grantees": [
{
"email": "user@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"meta": {},
"name": "test_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"resource_uri": "/api/2.0/tags/5a9e6f2b-7927-4f30-88b5-0cc939208549/",
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
],
"uuid": "adf048e8-5445-47cf-a09c-fc3cfb2c823f"
}
Deleting¶
-
DELETE
/acls/{uuid}/
¶
Deletes a single ACL.
statuscode 204: | No content, object deletion started. |
---|
Example request:
DELETE /api/2.0/acls/adf048e8-5445-47cf-a09c-fc3cfb2c823f/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
Example response:
HTTP/1.1 204 NO CONTENT
Content-Type: text/html; charset=utf-8
Full Example of Sharing a Resource¶
First let’s create a tag which will be shared with another user:
Request:
POST /api/2.0/tags/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"name": "test_TagOne"
}
]
}
Response:
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"meta": {},
"name": "test_TagOne",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"resources": [],
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
}
]
}
Let’s create a drive tagged with the new tag:
Request:
POST /api/2.0/drives/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"media": "disk",
"name": "test_drive_acl",
"size": 2147483648,
"tags": [
"6d302107-fc0b-433a-99b1-9f2d3692eefc"
]
}
]
}
Response:
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"affinities": [],
"allow_multimount": false,
"grantees": [],
"jobs": [],
"licenses": [],
"media": "disk",
"meta": {},
"mounted_on": [],
"name": "test_drive_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"permissions": [],
"resource_uri": "/api/2.0/drives/ac5ca635-d119-4dda-b27a-fa5a69fc17da/",
"runtime": {
"is_snapshotable": true,
"snapshots_allocated_size": 0,
"storage_type": "dssd"
},
"size": 2147483648,
"snapshots": [],
"status": "creating",
"storage_type": "dssd",
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
}
],
"uuid": "ac5ca635-d119-4dda-b27a-fa5a69fc17da"
}
]
}
It is also possible to tag an existing drive. Since there is no ACL on the tag, the grantees
attribute
of the drive is empty.
Now let’s add the tag to an ACL. Notice that we may add several tags to the ACL:
Request:
POST /api/2.0/acls/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"grantees": [
{
"email": "user@example.com",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"name": "test_with_grantees",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
]
}
]
}
Response:
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"grantees": [
{
"email": "user@example.com",
"resource_uri": {
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
},
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
],
"meta": {},
"name": "test_with_grantees",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"resource_uri": "/api/2.0/acls/49134280-55ed-4f4e-815c-85c6dd3ab322/",
"rules": [
{
"permission": "LIST"
},
{
"permission": "EDIT"
}
],
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
},
{
"resource_uri": "/api/2.0/tags/5a9e6f2b-7927-4f30-88b5-0cc939208549/",
"uuid": "5a9e6f2b-7927-4f30-88b5-0cc939208549"
}
],
"uuid": "49134280-55ed-4f4e-815c-85c6dd3ab322"
}
]
}
If we get the drive definition we will see the grantee in the grantees
attribute:
GET /api/2.0/drives/ac5ca635-d119-4dda-b27a-fa5a69fc17da/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"affinities": [],
"allow_multimount": false,
"grantees": [
{
"permissions": [
"EDIT",
"LIST"
],
"user": {
"email": null,
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
}
],
"jobs": [],
"licenses": [],
"media": "disk",
"meta": {},
"mounted_on": [],
"name": "test_drive_acl",
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"permissions": [],
"resource_uri": "/api/2.0/drives/ac5ca635-d119-4dda-b27a-fa5a69fc17da/",
"runtime": {
"is_snapshotable": true,
"snapshots_allocated_size": 0,
"storage_type": "dssd"
},
"size": 2147483648,
"snapshots": [],
"status": "unmounted",
"storage_type": "dssd",
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
}
],
"uuid": "ac5ca635-d119-4dda-b27a-fa5a69fc17da"
}
Since there is an ACL on the the tag all resources created with this tag will be shared. For example if we create a
server with the same tag, we see that it also shows grantees
:
POST /api/2.0/servers/ HTTP/1.1
Content-Type: application/json
Authorization: Basic SWYgeW91IGZvdW5kIHRoaXMsIGhhdmUgYSBjb29raWUsIHlvdSBkZXNlcnZlIGl0IDop
{
"objects": [
{
"cpu": 1000,
"mem": 536870912,
"name": "test_server",
"tags": [
"6d302107-fc0b-433a-99b1-9f2d3692eefc"
],
"vnc_password": "pass"
}
]
}
HTTP/1.1 201 CREATED
Content-Type: application/json; charset=utf-8
{
"objects": [
{
"context": true,
"cpu": 1000,
"cpu_model": null,
"cpu_type": "amd",
"cpus_instead_of_cores": false,
"drives": [],
"enable_numa": false,
"grantees": [
{
"permissions": [
"EDIT",
"LIST"
],
"user": {
"email": "user@example.com",
"resource_uri": "/api/2.0/user/c2fc9982-cf2e-434a-bf63-e22a27b39f00/",
"uuid": "c2fc9982-cf2e-434a-bf63-e22a27b39f00"
}
}
],
"hv_relaxed": false,
"hv_tsc": false,
"hypervisor": "kvm",
"jobs": [],
"mem": 536870912,
"meta": {},
"name": "test_server",
"nics": [],
"owner": {
"resource_uri": "/api/2.0/user/3516e556-eb0e-4f0c-bf95-8b642194b8fd/",
"uuid": "3516e556-eb0e-4f0c-bf95-8b642194b8fd"
},
"permissions": [],
"pubkeys": [],
"requirements": [],
"resource_uri": "/api/2.0/servers/e97f8858-4c59-476f-b7e6-08ec2ec85582/",
"runtime": null,
"smp": 1,
"status": "stopped",
"tags": [
{
"resource_uri": "/api/2.0/tags/6d302107-fc0b-433a-99b1-9f2d3692eefc/",
"uuid": "6d302107-fc0b-433a-99b1-9f2d3692eefc"
}
],
"uuid": "e97f8858-4c59-476f-b7e6-08ec2ec85582",
"vnc_password": "pass"
}
]
}
Permissions on Resources Attached to a Server¶
When updating another user’s server, the attached resources, such as drives, IPs, VLANs, or firewall policies, should
be available for the server owner. This means that either the attached resource should be owned by the server owner,
or the owner should be given ATTACH
permission on the attached resource. For example if user A shares a
server with EDIT
permission to user B, and user B wants to attach their drive on the server, user B will have to
grant ATTACH
permission on the drive, so that the owner of the server is able to start it. Trying to attach a
drive, on which there is no permission for the owner of the server will result in an error.
Schema¶
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
{
"allowed_detail_http_methods": [
"get",
"put",
"delete"
],
"allowed_list_http_methods": [
"get",
"put",
"post",
"delete"
],
"default_format": "application/json",
"default_limit": 20,
"fields": {
"grantees": {
"blank": false,
"default": "No default provided.",
"help_text": "Many related resources. Can be either a list of URIs or list of individually nested resource data.",
"nullable": true,
"readonly": false,
"type": "related",
"unique": false
},
"meta": {
"blank": false,
"default": "No default provided.",
"help_text": "A dictionary of data. Ex: {'price': 26.73, 'name': 'Daniel'}",
"nullable": false,
"readonly": false,
"type": "dict",
"unique": false
},
"name": {
"blank": false,
"default": "",
"help_text": "Unicode string data. Ex: \"Hello World\"",
"nullable": false,
"readonly": false,
"type": "string",
"unique": false
},
"owner": {
"blank": false,
"default": "No default provided.",
"help_text": "A single related resource. Can be either a URI or set of nested resource data.",
"nullable": false,
"readonly": true,
"type": "related",
"unique": false
},
"resource_uri": {
"blank": false,
"default": "No default provided.",
"help_text": "Unicode string data. Ex: \"Hello World\"",
"nullable": false,
"readonly": true,
"type": "string",
"unique": false
},
"rules": {
"blank": false,
"default": "No default provided.",
"help_text": "ACL rules",
"nullable": true,
"readonly": false,
"type": "related",
"unique": false
},
"tags": {
"blank": false,
"default": "No default provided.",
"help_text": "Many related resources. Can be either a list of URIs or list of individually nested resource data.",
"nullable": true,
"readonly": false,
"type": "related",
"unique": false
},
"uuid": {
"blank": false,
"default": "No default provided.",
"help_text": "Unicode string data. Ex: \"Hello World\"",
"nullable": false,
"readonly": true,
"type": "string",
"unique": false
}
}
}