A blazing fast dynamic route level groups/permissions api gateway.

• REST Docs
• Install
  • Minimum New Setup
• Security
• Configuration
• SDK
• Changelog
• License

REST Docs

1. Download the latest release or run git clone https://github.com/phara0h/travelling.git

2. Inside the root Travelling folder run: npm install

3. Set the TRAVELLING_DATABASE_URL environment variable which needs to be pointing to a new PostgreSQL database to start. Do this by creating a .env file inside the root Travelling folder. For example:

   TRAVELLING_DATABASE_URL=postgres:https://postgres@localhost/travelling

4. Set the salts and secrets for the following:

   ## Cookie Session Settings
   TRAVELLING_COOKIE_SESSION_SECRET=Yzy)8EbJOUJf+~e^%#7-lo1)RJUs.UVPBu4d3qqd0ZDQ!A~ti%Sq<kPy)nfVSn0;TRBeD0_QeMxKzp]Yn{hQe4j#ZtQ{L$0O>+hBJl^-%TKX<S>u|~xz;hFS(DO32tw#
   
   ## Cookie Token Settings
   TRAVELLING_COOKIE_TOKEN_SECRET=qVsI_O|Y0VPz>xvW-Uu!&5lejE3M4w-l0KvCI!v4q|9|F0W+v9g-hb!*yX8*3O%Ty@4$~:@1!VX*?Sl&c}KW&a4..gceGHg)KoiVpc9-8bCnrmG&&}iI;7VY+-+&U(?:
   TRAVELLING_COOKIE_TOKEN_SALT=?)WJ.$!570)5[@bDNip!q.t1J#/B.fJ{cyC--Zd/IJwJ/~L+(&#XOz|FuIoc{k;@8wf#gOrn||Ng1+2bDxOuQ6$_6QK{aWUfc-PZ{L62(0JRKizR~Y*/K8YT]?gLHB+S
   
   ## Postgres Crypto Settings
   TRAVELLING_PG_CRYPTO_IMPLEMENTATION_SECRET=:Y@K$;nE8r~D]dR-#%<PyI]/]^v&#lIz7T(OHrI@sAA_Y/+C%bYVfoY5(r#3IN6tC_fn9vpy%CKXh?K0k:<M/[PXs*r2CO~:]!2qBmB,9}RW)8i$$P#uFt_>u,v_M9K}
   TRAVELLING_PG_CRYPTO_IMPLEMENTATION_SALT=Wdwrmww~NxDAFn2/@~1SfV6&Iq7/PR;]k2Me*gK*(|I!sxcr/V,_0Bbys25dIF!sm,}XG)%U!(9|3gS4Hy1Hjo}D.WsF{!6|+x,t{O6T^S):kuglmBokNNqQeHL^bWk%

   These are example secrets and salts DO NOT USE THESE VALUES generate your own. You can use the included script via ./scripts/generateRandom.sh to generate a 128 character random string to use for salts and secrets. See Security for more details on keeping Travelling secure.

See Configuration for all other configurable options.

It is recommended to follow this security tips to help keep Travelling as secure as possible.

• Use HTTPS
• Use a key and cert signed by a known third party ssl vender. (Make sure chrome supports them)
• Don't use Cors unless you really have to.
• Request logs are helpful for tracking down malicious requests
• Run Travelling behind DDOS protection. For example Cloudflare.
• Rotate cookie session/token secrets and salts often. (Once a month is a good recommendation)
• Set username passwords and username's to OWSAP current recommendations.
• Keep OAuth2 Code Tokens short lived for maximum security.
• Use strong secret's and salts for Postgres encryption. KEEP THESE SAFE.
• Email authentication helps prevent invalid users and makes it harder for bots to generate accounts.

Configuration is done through environment variables. All variables have a default values except for what is stated in Minimum New Setup

• Basic
  • TRAVELLING_PORT
  • TRAVELLING_IP
  • TRAVELLING_KEY
  • TRAVELLING_CERT
  • TRAVELLING_HTTPS
  • TRAVELLING_SERVICE_NAME
• Misc
  • TRAVELLING_MISC_CLOUDFLAREIP
• Cors
  • TRAVELLING_CORS_ENABLE
  • TRAVELLING_CORS_HEADER_ORIGIN
  • TRAVELLING_CORS_HEADER_METHODS
  • TRAVELLING_CORS_HEADER_CREDENTIALS
  • TRAVELLING_CORS_HEADER_MAX_AGE
• Logging
  • TRAVELLING_LOG_ENABLE
  • TRAVELLING_LOG_LOGGER
  • TRAVELLING_LOG_COLORS
  • TRAVELLING_LOG_LEVEL
  • TRAVELLING_LOG_REQUESTS
  • TRAVELLING_LOG_UNAUTHORIZED_ACCESS
• Fastify Logger
  • TRAVELLING_LOG_FASTIFY_LOGGER
  • TRAVELLING_LOG_FASTIFY_LOGGER_REQUEST
  • TRAVELLING_LOG_FASTIFY_LOGGER_REQ_ID_HEADER
  • TRAVELLING_LOG_FASTIFY_LOGGER_REQ_ID_LOG_LABEL
• Portal
  • TRAVELLING_PORTAL_ENABLE
  • TRAVELLING_PORTAL_PATH
  • TRAVELLING_PORTAL_HOST
  • TRAVELLING_PORTAL_FILE_PATH
  • TRAVELLING_PORTAL_LOGO
  • TRAVELLING_PORTAL_STYLES
  • TRAVELLING_PORTAL_ICON
• Proxy
  • TRAVELLING_PROXY_TIMEOUT
  • TRAVELLING_PROXY_SEND_TRAVELLING_HEADERS
• Redis
  • TRAVELLING_REDIS_ENABLE
  • TRAVELLING_REDIS_URL
  • TRAVELLING_REDIS_EVENTS_URL
• Cookie
  • TRAVELLING_COOKIE_SESSION_SECRET
  • TRAVELLING_COOKIE_SESSION_EXPIRATION
  • TRAVELLING_COOKIE_TOKEN_SECRET
  • TRAVELLING_COOKIE_TOKEN_SALT
  • TRAVELLING_COOKIE_TOKEN_EXPIRATION
  • TRAVELLING_COOKIE_TOKEN_CHECKABLE
  • TRAVELLING_COOKIE_DOMAIN
  • TRAVELLING_COOKIE_SECURITY_IP_HIJACK_PROTECTION
• USER
  • TRAVELLING_USER_ISOLATE_BY_DOMAIN
  • TRAVELLING_USER_USERNAME_MINCHAR
  • TRAVELLING_USER_USERNAME_ENABLE
  • TRAVELLING_USER_LOCKED_MESSAGE
• Authentication
  • TRAVELLING_PASSWORD_CONSECUTIVE
  • TRAVELLING_PASSWORD_MINCHAR
  • TRAVELLING_PASSWORD_MAXCHAR
  • TRAVELLING_PASSWORD_SPECIAL
  • TRAVELLING_PASSWORD_NUMBER
  • TRAVELLING_PASSWORD_LOWERCASE
  • TRAVELLING_PASSWORD_UPPERCASE
  • TRAVELLING_LOGIN_MAX_LOGIN_ATTEMPTS
• OAUTH2
  • TRAVELLING_TOKEN_ACCESS_EXPIRATION
  • TRAVELLING_TOKEN_CODE_EXPIRATION
  • TRAVELLING_TOKEN_CODE_AUTHORIZE_FLOW
• Postgres
  • TRAVELLING_DATABASE_URL
  • TRAVELLING_DATABASE_USER
  • TRAVELLING_DATABASE_PASSWORD
  • TRAVELLING_DATABASE_PORT
  • TRAVELLING_DATABASE_NAME
  • TRAVELLING_DATABASE_HOST
  • TRAVELLING_PG_CRYPTO_IMPLEMENTATION
  • TRAVELLING_PG_CRYPTO_IMPLEMENTATION_SECRET
  • TRAVELLING_PG_CRYPTO_IMPLEMENTATION_SALT
  • TRAVELLING_PG_CRYPTO_ENCRYPT_USER_DATA
• Email
  • TRAVELLING_EMAIL_VALIDATION_EXTERNAL_ENABLE
  • TRAVELLING_EMAIL_VALIDATION_EXTERNAL_ENDPOINT
  • TRAVELLING_EMAIL_VALIDATION_EXTERNAL_EMAIL_IN_ENDPOINT
  • TRAVELLING_EMAIL_VALIDATION_EXTERNAL_EMAIL_IN_BODY
  • TRAVELLING_EMAIL_VALIDATION_EXTERNAL_METHOD
  • TRAVELLING_EMAIL_FROM
  • TRAVELLING_EMAIL_RECOVERY_EXPIRATION
  • TRAVELLING_EMAIL_ACTIVATION_EXPIRATION
  • TRAVELLING_EMAIL_TEST_ENABLE
  • TRAVELLING_EMAIL_SMTP_ENABLE
  • TRAVELLING_EMAIL_SMTP_HOST
  • TRAVELLING_EMAIL_SMTP_PORT
  • TRAVELLING_EMAIL_SMTP_SECURE
  • TRAVELLING_EMAIL_SMTP_AUTH_USER
  • TRAVELLING_EMAIL_SMTP_SECURE
  • TRAVELLING_EMAIL_SMTP_TLS_REJECT_UNAUTHORIZED
  • TRAVELLING_EMAIL_AWS_ENABLE
  • TRAVELLING_EMAIL_AWS_CONFIG
  • Templates
    • TRAVELLING_EMAIL_RESET_PASSWORD_TEMPLATE_BODY
    • TRAVELLING_EMAIL_RESET_PASSWORD_TEMPLATE_SUBJECT
    • TRAVELLING_EMAIL_ACTIVATION_TEMPLATE_BODY
    • TRAVELLING_EMAIL_ACTIVATION_TEMPLATE_SUBJECT
• Registration
  • TRAVELLING_REGISTRATION_REQUIRE_EMAIL_ACTIVATION
  • TRAVELLING_REGISTRATION_REQUIRE_MANUAL_ACTIVATION

Travelling's serving port.

Default: 443

Travelling's serving IP.

Default: 0.0.0.0

The path to the SSL key that is used for https

Default: travelling/localhost.key

The path to the SSL cert that is used for https

Default: travelling/localhost.csr

Enables https serving.

Default: travelling/localhost.csr

Changes the service's urls and other functionality around it's name.

Default: travelling

If cloudflare sits infront of Travelling set this to true, so users have their real IP assigned to them.

Default: false

Recommended to keep this disabled due to security reasons. Only enable this if you really need it and know the risks.

Allows external services to make api calls to Travelling.

Default: false

_Full host path or wildstar _ host pathed subdomains to allow. This is returned back with all requests.*

Default: Rewrites the origin to whatever external host is making the call. This allows all external calls allowed and is not recommended.
> Example: *.domain.com

access-control-allow-methods header that is returned back with all requests.

Default: Rewrites it's self to the access-control-request-method header request or sets to * if there is no request.
> Example: GET,DELETE

access-control-allow-credentials header that is returned back with all routes under /travelling/api/v1/auth/

Default: true

access-control-max-age header that is returned back with all CORS options request.

Default: 3600

For maximum performance it is recommended to disable TRAVELLING_LOG_FASTIFY_LOGGER_REQUEST and TRAVELLING_LOG_FASTIFY_LOGGER

Enables TRAVELLING_LOG_LOGGER.

Default: true

An absolute file path to a custom node.js logger. This must not be set for the settings TRAVELLING_LOG_LEVEL & TRAVELLING_LOG_COLORS to function. It also needs to support the same interface as Node's built in console logger.

Default: travelling/include/utils/logger.js

Enables console colors to be used with TRAVELLING_LOG_LOGGER.

Default: true

Sets the log level for TRAVELLING_LOG_LOGGER. The options are trace,debug,info,warn,error,fatal.

Default: info

Enables logging of every request of all requests with TRAVELLING_LOG_LOGGER.

Default: true

Enables logging of every unauthorized access requests made with TRAVELLING_LOG_LOGGER.

Default: true

Enables logging for fastify's built-in pino logger. This can be set to a true/false value or a absolute path of a javascript file to set pino's settings / implement a custom logger from the pino interface.

Default: false
> Example: js file setting pino settings.

module.exports = {
  level: 'info'
};

Enables logging of every request and response in pino's format. Recommended not to have this and TRAVELLING_LOG_LOGGER enabled at once

Default: true

The name of the header that gets set by pino's correlation id system.

Default: travelling-req-id

The name of the property that gets set by pino's correlation id system.

Default: travellingReqID

Enables the portal which has the client for login/logout/register/forgotPassword/oauth2Code functionality. This should always be enabled.

Default: true

The route that travelling will serve the client at.

Default: /travelling/portal/

This is used once on the first startup of Travelling during group initialization. This sets the remote host of a custom client to be served under the TRAVELLING_PORTAL_HOST path.

Default: travelling/localhost.key

The absolute filepath to the root directory of the client files. Recommended not to be changed unless unless there is a need for a fully custom rewrite of Travelling's client pages.

Default: travelling/client/dist

The absolute filepath to the logo to be displayed on the client side.

Default: travelling/client/assets/logo.svg

The absolute filepath to the css file to be displayed on the client side.

Default: travelling/client/assets/styles.css

The absolute filepath to the faveicon to be displayed on the client side.

Default: travelling/client/assets/favicon.ico

How long in seconds the proxy should wait on a request to finish. 0 is Infinity

Default: 0

Allows Travelling to send permission/user/group based headers along with the proxy route

Default: false

Enables redis to be used when multiple instances of travelling are running and being load balanced against.

Default: false Uses in memory store which could be problematic depending on how many groups and routes there are.

The URL to a redis instance to be used by travelling as a data store.

Default: redis:https://127.0.0.1:6379/

The URL to a redis instance to be used by travelling as a pub/sub event system.

Default: redis:https://127.0.0.1:6379/

Travelling uses a dual cookie system. One is a persistent token cookie for longterm login and the other is a short lived session cookie made to put less load on the system and speed things up making it not need to decrypt the token cookie every request.

The session secret used to generate the session cookie with. This needs to stay a secret and should be changed ever so often for security reasons

Default: This needs to be set!

How long the session cookie will last for in seconds. Recommended to set it to the average number of seconds a user tends to use your service for.

Default: 300

The token secret used to generate the persistent token cookie with. This needs to stay a secret and should be changed ever so often for security reasons

Default: null This needs to be set!

The token salt used to generate the persistent token cookie with. This needs to stay a secret and should be changed ever so often for security reasons

Default: null This needs to be set!

How long the persistent token cookie will last for in days.

Default: 30

Adds JavaScript accessible cookie, called trav:ls, contianing the expiration of the trav:tok cookie.

Default: true

How long the persistent token cookie will last for in days.

Default: null

Enables cookie linked to remote ip's. Disabling this removes one more layer of protection against CRSF attacks, but might be needed depending on your Cors settings.

Default: true

This allows users that have same username/email to register and be isolated by the domain property. This is useful if you have multiple websites and you want to keep your users isolated from each other.

Default: false

The minimum amount of characters a username has to have.

Default: 4

Require users to have usernames

Default: true

Require users to have usernames

Default: Failed login attempts exceeded the limit. Contact your admin to get your account unlocked.

Disables user's passwords from having any consecutive characters.

Default: false

The minimum amount of characters a user's password has to have

Default: 8

The maximum amount of characters a user's password is allowed to have. Leaving this unset makes it unlimited

Default:

The minimum amount of special characters a user's password has to have.

Default: 30

The minimum amount of numbers characters a user's password has to have.

Default: 1

The minimum amount of lowercase characters a user's password has to have.

Default: 1

The minimum amount of uppercase characters a user's password has to have.

Default: 1

The maximum amount of failed login attempts until a user is locked.

Default: 10

How long a OAUTH2 Access token will last for in minutes.

Default: 1440

How long a OAUTH2 Code token will last for in minutes.

Default: 5

Enforces the user to click a authorize button to allow a client to login for the user.

Default: true

The Postgres connection url for Travelling to connect to.

Default: null

The Postgres user.

Default: null

The Postgres password.

Default: null

The Postgres port.

Default: null

The Postgres databases name.

Default: null

The Postgres host.

Default: null

The absolute path to the encryption interface that is used for Travelling's database encryption fields. If a custom implementation is wanted please check out travelling/include/utils/cryptointerface.js for methods needed to be functional.

Default: travelling/include/utils/cryptointerface.js

The secret used inside TRAVELLING_PG_CRYPTO_IMPLEMENTATION. This needs to stay a secret and should be changed ever so often for security reasons.

Default: null This needs to be set!

The salt used inside TRAVELLING_PG_CRYPTO_IMPLEMENTATION. This needs to stay a secret and should be changed ever so often for security reasons.

Default: null This needs to be set!

Enables the user_data field inside the user object to be encrypted. If sensitive data is stored in within that field it is recommended to enable this.

Default: false

Enable external email endpoint for email validation

Default: false

Full url for endpoint for email validation

Default: null

Appends the users email to the end of the supplied endpoint. EX: https://test.com/email/[email protected]

Default: true

Sends the users email as text as a body to the supplied endpoint

Default: false

Supplied endpoint's HTTP Method to use

Default: GET

The email that will be used as the from address. Recommended to set it to a no-reply email address

Default: null

The number of seconds for the email recovery link to last for. Recommended to keep this somewhat short-lived for security reasons.

Default: 900

The number of seconds for the email activation link to last for.

Default: 86400

Enables the use of a test email service that will display the login credentials inside the log at start. This is used by our integration test. However, it is helpful to enable this if custom Templates are written. Only one type of email support should be used Test, SMTP or AWS.

Default: false

Enables the use of a SMTP email service. Only one type of email support should be used Test, SMTP or AWS.

Default: false

The host of the SMTP service.

Default: 127.0.0.1

The port of the SMTP service.

Default: 465

Enables TLS for SMTP.

Default: true

Username for SMTP service.

Default: null

Password for SMTP service.

Default: null

Enables rejection of TLS certs that are self served or invalid. Recommended to keep it enabled for security reasons.

Default: true

Enables the use of the AWS SES email service. Only one type of email support should be used Test, SMTP or AWS.

Default: false

The absolute path to the AWS json credentials config to use for accessing the SES service. See AWS's configuration documentation on the format of this file.

Default: null // This needs to be set to use AWS SES email service.

Templates all use html/handlebars. Check out the example default templates inside the travelling/templates/ folder for examples.

Reset Template Variables:

Activation Template Variables:

The absolute path to the email reset password template body. This is used as the body inside all reset password emails.

Default: travelling/templates/email-reset-password-body.html

The absolute path to the email reset password template subject. This is used as the subject line inside all reset password emails.

Default: templates/email-reset-password-subject.html

The absolute path to the email activation template body. This is used as the body inside all activation emails.

Default: templates/email-activation-body.html

The absolute path to the email activation template subject.This is used as the subject line inside all activation emails.

Default: templates/email-activation-subject.html

Enables the requirement of each newly registered user to activate their account through the email link.

Default: false

Enables the requirement of each newly registered user to have a active user with permissions to unlock their account for them.

Default: false

SDK

Travelling

Audit

AuditUser

Config

Groups

GroupsType

Group

GroupUsers

GroupUser

GroupType

GroupTypeUsers

Both requests are disabled. Dont use.

GroupTypeUser

GroupRequest

GroupRequestUser

Users

UsersDomain

User

UserDomain

UserCurrent

Auth

Auth endpoints

AuthToken

AuthDomain

AuthDomainToken

SDK(host, opts)

SDK - importing the SDK for use

Kind: global class

• Travelling
  • .healthCheck(authorization_bearer)
  • .metrics(authorization_bearer)

healthCheck - server's health check

Path: health

Kind: static method of Travelling

metrics - servers metrics

Path: metrics

Kind: static method of Travelling

Kind: global class

• Audit
  • .byActionAndSubaction(action, subaction, limit, skip, sort, sortdir, filter, resolve, authorization_bearer)
  • .bySubaction(subaction, limit, skip, sort, sortdir, filter, resolve, authorization_bearer)
  • .byAction(action, limit, skip, sort, sortdir, filter, resolve, authorization_bearer)

byActionAndSubaction - Gets audits by action and subaction type.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/action/:action/subaction/:subaction

Kind: static method of Audit

bySubaction - Gets audits by subaction type.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/subaction/:subaction

Kind: static method of Audit

byAction - Gets audits by action type.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/action/:action

Kind: static method of Audit

Kind: global class

• AuditUser
  • .countByuserId(id, filter, limit, skip, sort, sortdir, selfexclusion, authorization_bearer)
  • .byuserId(id, filter, limit, skip, sort, sortdir, resolve, selfexclusion, authorization_bearer)
  • .countOfuserId(id, filter, limit, skip, sort, sortdir, selfexclusion, authorization_bearer)
  • .ofuserId(id, filter, limit, skip, sort, sortdir, resolve, selfexclusion, authorization_bearer)

countByuserId - Gets audits by by_user id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/count/user/byuser/:id

Kind: static method of AuditUser

byuserId - Gets audits by by_user id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/user/byuser/:id

Kind: static method of AuditUser

countOfuserId - Gets audits by of_user id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/count/user/ofuser/:id

Kind: static method of AuditUser

ofuserId - Gets audits by of_user id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on.

Path: api/v1/audit/user/ofuser/:id

Kind: static method of AuditUser

Kind: global class

getProperty - Gets a property from travellings config.

Path: api/v1/config/:property

Kind: static method of Config

Kind: global class

• Groups
  • .export(authorization_bearer)
  • .import(body, authorization_bearer)
  • .get(authorization_bearer)

export - Exports all groups in the proper format to be imported.

Path: api/v1/groups/export

Kind: static method of Groups

import - Imports all groups from the exported format.

Path: api/v1/groups/import

Kind: static method of Groups

Example
body

{
  "group": {
    "anonymous": {
      "allowed": [
        {"method": "GET", "route": "/account/portal/*"},
        {"method": "GET", "route": "/account/assets/*"},
        {"method": "GET", "route": "/favicon.ico"},
        {"method": "GET", "route": "/account/api/v1/auth/logout"},
        {"method": "PUT", "route": "/account/api/v1/auth/password/forgot"},
        {"method": "PUT", "route": "/account/api/v1/auth/password/reset"},
        {"method": "GET", "route": "/account/api/v1/auth/activate"},
        {"method": "POST", "route": "/account/api/v1/auth/token"},
        {"method": "GET", "route": "/account/api/v1/auth/login/otp"},
        {"method": "POST","route":"/account/api/v1/auth/oauth/authorize"},
        {"method": "GET","route":"/account/api/v1/auth/oauth/authorize"},
        {"method": "GET", "route": "/account/api/v1/user/me/permission/allowed/*"},
        {"method": "GET", "route": "/account/api/v1/user/me/route/allowed"},
        {"method": "GET", "route": "/account/api/v1/config/password"},
        {"method": "GET", "route": "/account/api/v1/config/portal/webclient"},
        {"method": "GET", "route": "/account/metrics"},
        {"method": "GET", "route": "/account/health"}
      ]
    }
  }
}

get - Get all the groups

Path: api/v1/groups

Kind: static method of Groups

Kind: global class

• GroupsType
  • .all(type, authorization_bearer)
  • .getTypesList(authorization_bearer)

all - Gets all groups of a particular type

Path: api/v1/groups/type/:type

Kind: static method of GroupsType

getTypesList - Gets all the types of groups currently made.

Path: api/v1/groups/types

Kind: static method of GroupsType

Kind: global class

• Group
  • .addPermission(id, permission, authorization_bearer)
  • .deletePermission(id, permission, authorization_bearer)
  • .addRoute(body, id, authorization_bearer)
  • .removeInheritance(id, inherited, grouptype, authorization_bearer)
  • .inheritFrom(id, inherited, grouptype, authorization_bearer)
  • .setDefault(id, authorization_bearer)
  • .delete(id, authorization_bearer)
  • .edit(body, id, authorization_bearer)
  • .get(id, authorization_bearer)
  • .createByName(id, authorization_bearer)
  • .create(body, authorization_bearer)

addPermission - Adds a permission to a group.

Path: api/v1/group/id/:id/insert/permission/:permission

Kind: static method of Group

deletePermission - Removes a permission/route from a group.

Path: api/v1/group/id/:id/permission/:permission

Kind: static method of Group

addRoute - Adds a route to a group.

{
    "route": "test/permissions/*", // optional
    "host": null, // optional, defaults to travelling host
    "method": "*", // optional, defaults to '*'
    "remove_from_path": 'test/', // optional 
    "name": "test-permissions-*"  // Required and needs to be unqiue, defaults to method + route seperated by '-' instead of `/`
}

Path: api/v1/group/id/:id/insert/route

Kind: static method of Group

Example
body

{
	"route": "test/permissions/*",
    "host": null, 
    "method": "*", 
    "name": "test-permissions-*"  
}

removeInheritance - Removes an inheritance from a group.

Path: api/v1/group/id/:id/remove/inheritance/:inherited/type/:grouptype

Kind: static method of Group

inheritFrom - Adds an inheritance to a group.

Path: api/v1/group/id/:id/inherit/from/:inherited/type/:grouptype

Kind: static method of Group

setDefault - Sets the group to be the default group for new users.

Path: api/v1/group/id/:id/set/default

Kind: static method of Group

delete - delete group by its id or name

Path: api/v1/group/id/:id

Kind: static method of Group

edit - Edits a group

Path: api/v1/group/id/:id

Kind: static method of Group

Example
body

{
    "allowed": [
        {
            "route": "/travelling/portal/*",
            "host": null,
            "remove_from_path": "/travelling/portal",
            "method": "*",
            "name": "*-travelling-portal-*"
        },
        {
            "route": "/travelling/api/v1/auth/*",
            "host": null,
            "method": "*",
            "name": "*-travelling-api-v1-auth-*"
        },
        {
            "route": "/travelling/api/v1/user/me/route/allowed",
            "host": null,
            "method": "GET",
            "name": "get-travelling-api-v1-user-me-route-allowed"
        },
        {
            "route": "/travelling/api/v1/user/me/permission/allowed/*",
            "host": null,
            "method": "GET",
            "name": "get-travelling-api-v1-user-me-permission-allowed-*"
        },
        {
            "route": "/travelling/assets/*",
            "host": null,
            "remove_from_path": "/travelling/assets/",
            "method": "*",
            "name": "*-travelling-assets-*"
        },
        {
            "route": "travelling/api/v1/config/password",
            "host": null,
            "method": "get"
        }
    ]
}

get - Get a group by it's id or name.

Path: api/v1/group/id/:id

Kind: static method of Group

createByName - Add a new blank group with the set name.

Path: api/v1/group/id/:id

Kind: static method of Group

create - Add a new group

Path: api/v1/group

Kind: static method of Group

Example
body

{
    "name": "group1",
    "type": "testgroup",
    "allowed": [
        {
            "route": "/test",
            "host": "https://127.0.0.1:1237/",
            "remove_from_path": "test",
            "method": "*",
            "name": "all-test"
        }
    ],
    "is_default": false
}

Kind: global class

• GroupUsers
  • .inherited(id)
  • .count(id, filter, limit, skip, authorization_bearer)
  • .get(id, filter, limit, skip, sort, sortdir, authorization_bearer)

inherited - Gets all the users that belong to the group and all of its inherited groups.

Path: api/v1/group/id/:id/users/inherited

Kind: static method of GroupUsers

count - Gets all the users that belong to the group.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/group/id/:id/users/count

Kind: static method of GroupUsers

get - Gets all the users that belong to the group.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/group/id/:id/users

Kind: static method of GroupUsers

Kind: global class

• GroupUser
  • .delete(group, type, id, authorization_bearer)
  • .removeGroupInheritance(group, type, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .addGroupInheritance(group, type, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .editPropertyValue(group, type, id, property, value, authorization_bearer)
  • .editProperty(body, group, type, id, property, authorization_bearer)
  • .edit(body, group, type, id, authorization_bearer)
  • .getProperty(group, type, id, property, authorization_bearer)
  • .get(group, type, id, authorization_bearer)

delete - Delete a user by it's id or username from group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id

Kind: static method of GroupUser

removeGroupInheritance - Remove a user to a group of a particular type of group.

Path: api/v1/group/id/:group/type/:type/user/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of GroupUser

addGroupInheritance - Add a group for the current user from a group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of GroupUser

editPropertyValue - Edit a current user's property data as a path param from a group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id/property/:property/:value

Kind: static method of GroupUser

editProperty - Edit a user's property by it's id or username from a group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id/property/:property

Kind: static method of GroupUser

Example
body

{
	"locked": false
}

edit - Edit a user by it's id or username from group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id

Kind: static method of GroupUser

Example
body

{
	"locked": false
}

getProperty - Get a user's property by it's id or username from group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id/property/:property

Kind: static method of GroupUser

get - Get a user by it's id or username from group of a particular type.

Path: api/v1/group/id/:group/type/:type/user/:id

Kind: static method of GroupUser

Kind: global class

• GroupType
  • .deletePermission(id, type, permission, authorization_bearer)
  • .addPermission(id, type, permission, authorization_bearer)
  • .addRoute(body, id, type, authorization_bearer)
  • .removeInheritance(id, type, inherited, grouptype, authorization_bearer)
  • .inheritFrom(id, type, inherited, grouptype, authorization_bearer)
  • .setDefault(id, type)
  • .delete(id, type, authorization_bearer)
  • .get(id, type, authorization_bearer)
  • .edit(body, id, type, authorization_bearer)
  • .createByName(id, type, authorization_bearer)
  • .create(body, type, authorization_bearer)

deletePermission - Removes a permission/route from a group of a particular type.

Path: api/v1/group/id/:id/type/:type/permission/:permission

Kind: static method of GroupType

addPermission - Adds a permission to a group of a particular type.

Path: api/v1/group/id/:id/type/:type/insert/permission/:permission

Kind: static method of GroupType

addRoute - Adds a route to a group of a particular type.

{
    "route": "test/permissions/*", // optional
    "host": null, // optional, defaults to travelling host
    "method": "*", // optional, defaults to '*'
    "remove_from_path": 'test/', // optional 
    "name": "test-permissions-*"  // Required and needs to be unqiue, defaults to method + route seperated by '-' instead of `/`
}

Path: api/v1/group/id/:id/type/:type/insert/route

Kind: static method of GroupType

Example
body

{
	"route": "test/permissions/*",
    "host": null, 
    "method": "*", 
    "name": "test-permissions-*"  
}

removeInheritance - Removes an inheritance from a group of a particular type.

Path: api/v1/group/id/:id/type/:type/remove/inheritance/:inherited/type/:grouptype

Kind: static method of GroupType

inheritFrom - Adds an inheritance to a group of a particular type.

Path: api/v1/group/id/:id/type/:type/inherit/from/:inherited/type/:grouptype

Kind: static method of GroupType

setDefault - Sets the group of a particular type to be the default group for new users.

Path: api/v1/group/id/:id/type/:type/set/default

Kind: static method of GroupType

delete - delete group of a particular type by its name or id

Path: api/v1/group/id/:id/type/:type

Kind: static method of GroupType

get - Get a group by it's id or name of a particular type.

Path: api/v1/group/id/:id/type/:type

Kind: static method of GroupType

edit - Edits a group of a particular type

Path: api/v1/group/id/:id/type/:type

Kind: static method of GroupType

Example
body

{"inherited":["a717b880-b17b-4995-9610-cf451a06d015","7ec8c351-7b8a-4ea8-95cc-0d990b225768"]}

createByName - Add a new blank group with the set name and type

Path: api/v1/group/id/:id/type/:type

Kind: static method of GroupType

create - Add a new group of a particular type

Path: api/v1/group/type/:type

Kind: static method of GroupType

Example
body

{
    "name": "group1",
    "type": "accounts",
    "allowed": [
        {
            "route": "/test",
            "host": "https://127.0.0.1:1237/",
            "remove_from_path": "test",
            "method": "*",
            "name": "all-test"
        }
    ],
    "is_default": false
}

Both requests are disabled. Dont use.

Kind: global class

• GroupTypeUsers
  • .inherited(id, type)
  • .count(id, type, filter, limit, skip, authorization_bearer)
  • .get(id, type, filter, limit, skip, sort, sortdir, authorization_bearer)

inherited - Gets all the users that belong to the group of a particular type by its name or id and all of its inherited groups.

Path: api/v1/group/id/:id/type/:type/users/inherited

Kind: static method of GroupTypeUsers

count - Gets all the users that belong to the group of a particular type by its name or id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/group/id/:id/type/:type/users/count

Kind: static method of GroupTypeUsers

get - Gets all the users that belong to the group of a particular type by its name or id.

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/group/id/:id/type/:type/users

Kind: static method of GroupTypeUsers

Kind: global class

• GroupTypeUser
  • .delete(type, id, authorization_bearer)
  • .removeGroupInheritance(type, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .addGroupInheritance(type, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .editPropertyValue(type, id, property, value, authorization_bearer)
  • .editProperty(body, type, id, property, authorization_bearer)
  • .edit(body, type, id, authorization_bearer)
  • .getProperty(type, id, property, authorization_bearer)
  • .get(type, id, authorization_bearer)

delete - Delete a user by it's id or username from group of a particular type.

Path: api/v1/group/type/:type/user/:id

Kind: static method of GroupTypeUser

removeGroupInheritance - Remove a user to a group of a particular type of group.

Path: api/v1/group/type/:type/user/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of GroupTypeUser

addGroupInheritance - Add a user to a group of a particular type of group.

Path: api/v1/group/type/:type/user/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of GroupTypeUser

editPropertyValue - Edit a current user's property data as a path param from a group of a particular type.

Path: api/v1/group/type/:type/user/:id/property/:property/:value

Kind: static method of GroupTypeUser

editProperty - Edit a user's property by it's id or username from a group of a particular type.

Path: api/v1/group/type/:type/user/:id/property/:property

Kind: static method of GroupTypeUser

Example
body

{
	"locked": false
}

edit - Edit a user by it's id or username from group of a particular type.

Path: api/v1/group/type/:type/user/:id

Kind: static method of GroupTypeUser

Example
body

{
	"locked": false
}

getProperty - Get a user's property by it's id or username from group of a particular type.

Path: api/v1/group/type/:type/user/:id/property/:property

Kind: static method of GroupTypeUser

get - Get a user by it's id or username from group of a particular type.

Path: api/v1/group/type/:type/user/:id

Kind: static method of GroupTypeUser

Kind: global class

Kind: global class

• GroupRequestUser
  • .delete(body, type, id, authorization_bearer)
  • .addGroupInheritance(type, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .editProperty(body, type, id, property, authorization_bearer)
  • .edit(body, type, id, authorization_bearer)

delete - Delete a user by it's id or username from the user's group_request of a particular type.

Path: api/v1/group/request/type/:type/user/:id

Kind: static method of GroupRequestUser

Example
body

{
	"locked": false
}

addGroupInheritance - Add a user to a group from the user's group_request of a particular type.

Path: api/v1/group/request/type/:type/user/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of GroupRequestUser

editProperty - Edit a user's property by it's id or username from the user's group_request of a particular type.

Path: api/v1/group/request/type/:type/user/:id/property/:property

Kind: static method of GroupRequestUser

Example
body

"[email protected]"

edit - Edit a user by it's id or username from the user's group_request of a particular type.

Path: api/v1/group/request/type/:type/user/:id

Kind: static method of GroupRequestUser

Example
body

{
	"locked": false
}

Kind: global class

• Users
  • .byGroupRequest(group_request, authorization_bearer)
  • .count(limit, skip, filter, ids, authorization_bearer)
  • .get(sort, limit, skip, filter, sortdir, ids, params, authorization_bearer)

byGroupRequest - Gets all the users that have the specified group request

Path: api/v1/users/group/request/:group_request

Kind: static method of Users

count - Gets all the users

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/users/count

Kind: static method of Users

get - Gets all the users

*Note: you can only use range operators (<, >, >=, <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/users

Kind: static method of Users

Kind: global class

• UsersDomain
  • .count(domain, limit, skip, filter, ids, authorization_bearer)
  • .get(domain, sort, limit, skip, filter, sortdir, ids, params, authorization_bearer)

count - Gets all the users

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/users/domain/:domain/count

Kind: static method of UsersDomain

get - Gets all the users

*Note: you can only use range operators (<,B >,B >=,B <=) on the following columns: created_on, updated_on, dob.

Path: api/v1/users/domain/:domain

Kind: static method of UsersDomain

Kind: global class

• User
  • .delete(id, authorization_bearer)
  • .removeGroupInheritance(id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .addGroupInheritance(id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .editUserDataPropertyValue(id, property, value, authorization_bearer)
  • .editPropertyValue(id, property, value, authorization_bearer)
  • .editUserDataProperty(body, id, property, authorization_bearer)
  • .editProperty(body, id, property, authorization_bearer)
  • .edit(body, id, authorization_bearer)
  • .getProperty(id, property, authorization_bearer)
  • .get(id, authorization_bearer)

delete - Delete a user by it's Id.

Path: api/v1/user/id/:id

Kind: static method of User

removeGroupInheritance - Remove a user from a group.

Path: api/v1/user/id/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of User

addGroupInheritance - Add a user to a group.

Path: api/v1/user/id/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of User

editUserDataPropertyValue - Edit a current user's property data as a path param.

Path: api/v1/user/id/:id/property/userdata/:property/:value

Kind: static method of User

editPropertyValue - Edit a current user's property data as a path param.

Path: api/v1/user/id/:id/property/:property/:value

Kind: static method of User

editUserDataProperty - Edit a user's property by id.

Path: api/v1/user/id/:id/property/userdata/:property

Kind: static method of User

Example
body

asdfasdf

editProperty - Edit a user's property by id.

Path: api/v1/user/id/:id/property/:property

Kind: static method of User

Example
body

user6

edit - Edit a user's by id.

Path: api/v1/user/id/:id

Kind: static method of User

Example
body

{
	"username" : "user6",
	"password" : "Awickednewawesomepasword4242!@"
}

getProperty - Get a user's property by it's id.

Path: api/v1/user/id/:id/property/:property

Kind: static method of User

get - Get a user by it's id.

Path: api/v1/user/id/:id

Kind: static method of User

Kind: global class

• UserDomain
  • .delete(domain, id, authorization_bearer)
  • .removeGroupInheritance(domain, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .addGroupInheritance(domain, id, inheritgroupid, inheritgrouptype, authorization_bearer)
  • .editUserDataPropertyValue(domain, id, property, value, authorization_bearer)
  • .editPropertyValue(domain, id, property, value, authorization_bearer)
  • .editUserDataProperty(body, domain, id, property, authorization_bearer)
  • .editProperty(body, domain, id, property, authorization_bearer)
  • .edit(body, domain, id, authorization_bearer)
  • .getProperty(domain, id, property, authorization_bearer)
  • .get(domain, id, authorization_bearer)

delete - Delete a user by it's Id.

Path: api/v1/user/domain/:domain/id/:id

Kind: static method of UserDomain

removeGroupInheritance - Remove a user from a group.

Path: api/v1/user/domain/:domain/id/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of UserDomain

addGroupInheritance - Add a user to a group.

Path: api/v1/user/domain/:domain/id/:id/inheritance/group/:inheritgroupid/type/:inheritgrouptype

Kind: static method of UserDomain

editUserDataPropertyValue - Edit a current user's property data as a path param.

Path: api/v1/user/domain/:domain/id/:id/property/userdata/:property/:value

Kind: static method of UserDomain

editPropertyValue - Edit a current user's property data as a path param.

Path: api/v1/user/domain/:domain/id/:id/property/:property/:value

Kind: static method of UserDomain

editUserDataProperty - Edit a user's property by id.

Path: api/v1/user/domain/:domain/id/:id/property/userdata/:property

Kind: static method of UserDomain

Example
body

asdfasdf asdf

editProperty - Edit a user's property by id.

Path: api/v1/user/domain/:domain/id/:id/property/:property

Kind: static method of UserDomain