Versions Compared

Version Old Version 7 New Version 8
Changes made by

Wissam El-Khoury

Wissam El-Khoury

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Introduction

...

Code Block
languagebash
titleURAC Installation
linenumberstrue
# go to soajs directory
cd /opt/soajs/node_modules

# install urac
npm install soajs.urac

# go to urac directory
cd /opt/soajs/node_modules/soajs.urac
# export necessary environment variables
export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/getStarted/profile.js
export SOAJS_ENV=test
export SOAJS_SRVIP=127.0.0.1

# run urac
node .

URAC is now running on http://127.0.0.1:4001 and will be used to login with different users. Therefore, its maintenance port is 5001.

Next, a heartbeat request is sent to check the health of the URAC service.

Code Block
languagebash
titleURAC heartbeat
linenumberstrue
curl -X GET "http://127.0.0.1:5001/heartbeat"

...

Code Block
languagebash
linenumberstrue
# go to correct directory
cd /opt/soajs/node_modules/soajs.examples/example03/

# export necessary environment variables
export SOAJS_PROFILE=/opt/soajs/node_modules/soajs.utilities/data/getStarted/profile.js
export SOAJS_ENV=test
export SOAJS_SRVIP=127.0.0.1

# start service
node .

The service is now running and listens on port 4012. Therefore, its maintenance port is 5012.

Next, a heartbeat request is sent to check the health of the service.

Code Block
languagebash
linenumberstrue
curl -X GET "http://127.0.0.1:5012/heartbeat"

...

Code Block
languagejs
titleResponse
linenumberstrue
{"result": true,"data": {"tenantName": "Client One","fullName": "John Smith"},"soajsauth": "Basic c29hanM6czAxOXI0OGxIa2RLV0Q0RXlHN2l0SWpidHZWbVo5R1g3R3A="}

Clearly, the response generated proves that the second application has access to the API, and the response came back with a positive result to the tenant's query.

...

UsertenantOverrides PackageOverrides TenantbuildNametestGetCustom Tenant Information
User1Tenant1NONONONONA
User2Tenant1YESNOYESYESChanges the tenant name
User3Tenant1NOYESYESNOChanges the tenant name

The above table shows three users. Each user has the ability to override the permissions their tenant, and its attributed package.
The examples that follow aim to present how a user can override the ACL permissions of the tenant it belongs to AND/OR the package that the tenant is using.

In addition to that, the examples will show that the user also has the ability to change these configurations, which, in this case, is "tenant name".

User1 Tests

URAC Login

Before using the service APIs, a user must be authenticated to the service. Each of the three users has a password. The first step would be to login to URAC

...

The corresponding response prove the above statement. User2 overrode the package ACL and obtained full access to the service's APIs

Code Block
languagejs
titleResponse
linenumberstrue
{"result":true,"data":{"firstName":"John","lastName":"Smith"},"soajsauth":"Basic c29hanM6QzAyWWNjQXdaSDBYSnhTMkJ5ejAzZG5RZ1BOdXFFd0d4UmM="}

...