admin
Child pages
  • SaveConfiguration
Skip to end of metadata
Go to start of metadata

Description

The SaveConfiguration API allows the Account Owner to set his/her account's global configuration options.

An account owner can define global level settings for his/her account such as:

  • Who can create new schemas (gate ACL at a global level for who can create new schemas)
  • Who can create new scripts (gate ACL at a global level for who can create new scripts)
  • Who can send email messages (gate ACL at a global level for who can send email messages)
  • Enable/Disable schema-less (no-schema) documents
  • Configure authentication tokens parameters (allow binding to referrer or not, default token expiry and lifetime, and maximum token expiry and lifetime)
  • Configure the P3P policy

An account owner can also define store level settings such as:

  • Who can save documents in the store 
  • Who can delete documents in the store
  • Who can get or download files from the store
  • Who can query data from the store

Specific Request Parameters

(Refer to Common Request Parameters)

Name

Description

Required

Default

Possible Values

apsdb.createSchemaACL

Users or groups who are allowed to create schemas on the owner’s account. Each new value will replace the existing one. An empty value will delete the existing value.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.createScriptACL

Users or groups allowed to create/update scripts on the owner’s account. Each new value will replace the existing one. An empty value will delete the existing value.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.sendEmailACL

Users or groups allowed to send email messages. Each new value will replace the existing one. An empty value will delete the existing value.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.disableSchemalessDocs

A boolean specifying whether "schema-less" mode is disabled. Disabling "schema-less" mode implies that all users, except the owner, will not be allowed to create a document unless they specify a schema for it.

No

true

true or false

apsdb.[storeName].saveDocumentACL

Sets the users or groups who have access to the SaveDocument service. The ACL are applied per store sent in the [storeName] attribute. Each new value will replace the existing one.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.[storeName].deleteDocumentACL

Sets the users or groups who have access to the DeleteDocument service.The ACL are applied per store sent in the [storeName] attribute.Each new value will replace the existing one.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.[storeName].getFileACL

Sets the users or groups who have access to the GetFile service.The ACL are applied per store sent in the [storeName] attribute.Each new value will replace the existing one.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.[storeName].queryACL

Sets the users or groups who have access to the Query service.The ACL are applied per store sent in the [storeName] attribute.Each new value will replace the existing one.

No

 

ACL predefined identifiers ("nobody”, “anonymous", "authenticated-users", "creator") or users or groups

apsdb.optionalBindReferrer

A boolean specifying whether binding a token to a referrer is optional or not. If the parameter is set to true, binding to a referrer is optional and it can be decided upon generation of the token. If it is set to false then the token will always be bound to a referrer even when specified otherwise upon token generation.

No

false

true or false

apsdb.defaultTokenExpires

The relative time in seconds after which the token expires and becomes unusable.

No

1800 seconds (30 minutes)

Relative time in seconds. It should always be less than or equal to apsdb.maximumTokenExpires.

apsdb.maximumTokenExpires

The maximum relative time in seconds that apsdb.defaultTokenExpires can be.

No

86400 seconds (24 hours)

Relative time in seconds. It should always be less or equal to apsdb.maximumTokenLifeTime and less or equal to 86400 seconds (24 hours).

apsdb.defaultTokenLifeTime

The relative time in seconds after which the token cannot be renewed. After the specified amount of time, a signature will be needed to be able to regenerate a new token.

No

7200 seconds (2 hours)

Relative time in seconds. It should always be less or equal to apsdb.maximumTokenLifeTime.

apsdb.maximumTokenLifeTime

The maximum relative time in seconds that apsdb.defaultTokenLifeTime can be.

No

604800 seconds (1 week)

Relative time in seconds. It should always be less or equal to 604800 seconds (one week).

apsdb.P3P

Sets the value of the P3P Compact Policy that will be returned in every response header.

No

 


CP='NID DSP ALL COR'
CP='IDC DSP COR IVAi IVDi OUR TST'
(for more details click here )

Notes:

The Platform for Privacy Preferences (P3P) header is used by sites to state how they collect and handle user data. Browsers that support P3P can provide an easy interface for users to understand the privacy policy of a given website, and can block content and behavior from being accessed by sites that do not protect the user's privacy. Newer versions of Internet Explorer, for example, will not allow access to secure sites that do not provide a valid P3P policy unless the user browsing the site adds it to his list of trusted sites. Internet explorer will also display an icon warning its users that they are accessing pages that do not publicize their privacy policy or do not respect any privacy concerns.

If set, the P3P compact policy will be sent in the header of every response. Note, however, that the apsdb.httpRespond() API call does not automatically set this header in the response. It is up to the developer to get (and set) the current P3P header value from the results of listConfiguration.

For ease of use, owners can set this header value in the Developer Workbench.

Specific Response Elements

(Refer to Common Response Elements)

Specific Logical Errors

(Refer to Common Logical Error Codes)

Error

Message

Status Code

CREATE_SCHEMA_ACL_REQUIRED

The create schema ACL was not sent in the request.

400

STORE_NOT_FOUND

The store sent in the request is not found.

404

INVALID_PARAMETER_VALUE

An invalid parameter value is sent in the request.

400

 

Examples

Sample Request

Request URL: http://sandbox.apstrata.com/apsdb/rest/[authenticationkey]/SaveConfiguration?apsws.time=[timestamp]&apsws.authSig=[signature]


POST parameters:

apsdb.createSchemaACL = [user_or_group]
apsdb.createScriptACL = [user_or_group]
apsdb.[storeName].saveDocumentACL = [user_or_group]
apsdb.[storeName].deleteDocumentACL = [user_or_group]
apsdb.[storeName].queryACL = [user_or_group]


Sample XML Response

Success XML:

<response xmlns="http://www.apstrata.com/services/schemas/apstrata_database_response.xsd">
    <metadata>
        <requestId>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</requestId>
        <status>success</status>       
    </metadata>
</response>


Failure XML:

<response xmlns="http://www.apstrata.com/services/schemas/apstrata_database_response.xsd">
    <metadata>
        <requestId>xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx</requestId>
        <status>failure</status>
        <errorCode>[errorCode]</errorCode>
        <errorDetail>[failMsg]</errorDetail>
    </metadata>
</response>


Sample JSON Response

{"response": {
    "metadata": {
        "requestId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
        "status": "success"
    }
}}

 

 

  • No labels