To be able to upload, download and manage datasets in a seismic store subproject a user must be added/authorized in the subproject as admin or viewer. Only users with the role of subproject.admin are authorized to onboard users in a subproject. A user with read/write access in a subproject resource is authorized to read/write any datasets inside the subproject. Authorizations and user data access in seismic store are scoped at the subproject level. For example, a user can have read/write access to a subproject_01, read-only access to a subproject_02, and no access to a subproject_03. List of available roles in seismic store:
| Role | Authorization | Associated Entitlement Group Name |
|---|---|---|
| subproject.admin | read/write access and users management in the subproject | seistore.service.{tenant-name}.{subproject-name}.admin |
| subproject.viewer | read only access in the subproject | seistore.service.{tenant-name}.{subproject-name}.viewer |
- Required Role: subproject.admin
- Description: add a registered user in a seismic store subproject resource with the role of admin
- Notes: the user must be a member of the data partition users group (registered user)
# seistore users API call
curl -s -X PUT \"https://HOST/seistore-svc/api/v3/user\" \\
-H \"accept: application/json\" \\
-H \"Content-Type: application/json\" \\
-H \"Authorization: Bearer STOKEN\" \\
-d \" { \\\"email\\\": \\\"SUBPROJECT_USER_ADMIN\\\", \\\"path\\\": \\\"sd://TENANT_NAME/SUBPROJECT_NAME\\\", \\\"group\\\": \\\"admin\\\" } \"
# this api returns an empty response- Required Role: subproject.admin
- Description: add a registered user in a seismic store subproject resource with the role of the viewer
- Notes: the user must be a member of the data partition users group (registered user)
# seistore users API call
curl -s -X PUT \"https://HOST/seistore-svc/api/v3/user\" \\
-H \"accept: application/json\" \\
-H \"Content-Type: application/json\" \\
-H \"Authorization: Bearer STOKEN\" \\
-d \" { \\\"email\\\": \\\"SUBPROJECT_USER_VIEWER\\\", \\\"path\\\": \\\"sd://TENANT_NAME/SUBPROJECT_NAME\\\", \\\"group\\\": \\\"viewer\\\" } \"
# this api returns an empty response- Required Role: subproject.admin
- Description: delete a user in a seismic store subproject resource
# seistore users API call
curl -s -X DELETE \"https://HOST/seistore-svc/api/v3/user\" \\
-H \"accept: application/json\" \\
-H \"Authorization: Bearer STOKEN\" \\
-d \" { \\\"email\\\": \\\"SUBPROJECT_USER_VIEWER\\\", \\\"path\\\": \\\"sd://TENANT_NAME/SUBPROJECT_NAME\\\" } \"
# this api returns an empty response- Required Role: subproject.admin
- Description: list users in a seismic store subproject resource
# seistore users API call
curl -s -X GET \"https://HOST/seistore-svc/api/v3/user?sdpath=sd://TENANT_NAME/SUBPROJECT_NAME\" \\
-H \"accept: application/json\" \\
-H \"Authorization: Bearer STOKEN\" \\
-d \" { \\\"email\\\": \\\"SUBPROJECT_USER_VIEWER\\\", \\\"path\\\": \\\"sd://TENANT_NAME/SUBPROJECT_NAME\\\" } \"
# API response
[
[
\"testUserSeistoreAdmin@company.com\",
\"admin\"
]
]