Granting queue access rights
This request allows you to set up queue access permissions.
PATCH
https://api.tracker.yandex.net/v3/queues/<queue_ID>/permissions
Query format
Before making a request, get permission to access the API.
To set up queue access permissions, use an HTTP PATCH
request. In the request body, specify the parameters in JSON format.
PATCH /v3/queues/<queue_ID>/permissions
Host: api.tracker.yandex.net
Authorization: OAuth <OAuth_token>
X-Org-ID or X-Cloud-Org-ID: <organization_ID>
{
"create": {
"groups": [<group_1_ID>, <group_2_ID>]
},
"write": {
"users": {
"remove": ["<user_1_username>", "<user_2_ID>"]
},
"groups": {
"add":[<group_1_ID>]
},
"roles": {
"add":["author", "assignee"]
}
},
"read": {
"groups": {
"add":[<group_3_ID>]
},
"roles": {
"add":["follower"]
}
},
"grant": {
"users": {
"remove": ["<user_4_account_ID>", "<user_2_ID>"]
},
},
}
Headers
-
Host
: Address of the node that provides the API. -
Authorization
: Authorization token about these formats:-
OAuth <OAuth_token>
: For authorization using the OAuth 2.0 protocol. Learn more -
Bearer <IAM_token>
: For authorization using an IAM token, if a Yandex Cloud Organization organization is linked to Tracker. Learn more
-
-
X-Org-ID
orX-Cloud-Org-ID
: Organization ID.-
Use the
X-Org-ID
header if a Tracker organization is linked to Yandex 360 for Business. -
Use the
X-Cloud-Org-ID
header if a Tracker organization is linked to Yandex Cloud Organization.
To get the organization ID, go to Administration → Organizations and copy the value from the ID field.
-
Resource
Parameter | Description | Data type |
---|---|---|
<queue_ID> | Queue ID or key. The queue key is case-sensitive. | String |
Request body parameters
The request body contains information required for access management.
Acceptable request body object fields
Specify at least one of the following fields in your request:
Parameter | Description | Data type |
---|---|---|
create | Permissions to create issues in a queue | Map item |
write | Permissions to edit issues in a queue | Map item |
read | Permissions to read issues in a queue | Map item |
grant | Permissions to update queue settings | Map item |
Acceptable object fields that permissions apply to
Each of the request body fields contains a list of users, groups, and roles that the respective permission action applies to. Specify at least one of the following fields in the list:
Parameter | Description | Data type |
---|---|---|
users | User list | Object or array of elements |
groups | Group list | Object or array of elements |
roles | Role list | Object or array of elements |
Acceptable object field values that permissions apply to
In each field, you can specify either an array of IDs or an object:
- If an array of IDs is set, permissions for the specified resources will be created or overridden as requested.
- If an object is set, permissions will be added or revoked based on the specified key:
Key | Description | Data type |
---|---|---|
add | Add a permission | Array of elements |
remove | Revoke a permission | Array of elements |
Acceptable IDs
Resource type |
ID |
Description |
Data type |
users |
login |
Username. |
String |
uid |
Unique ID of the user account in Tracker. |
Number |
|
passportUid |
Unique ID of the user account in the Yandex 360 for Business organization and Yandex ID. |
Number |
|
cloudUid |
Unique user ID in Yandex Cloud Organization. |
String |
|
trackerUid |
Unique ID of the user account in Tracker. |
Number |
|
groups |
id |
Group ID. You can get group IDs using the |
Number |
roles |
role_id |
Role ID:
|
String |
Example 1: Grant permissions to create and edit issues in a queue with the
TESTQUEUE
key to the user nameduser1
.
- The HTTP
PATCH
method is used.- The permissions are granted to
user1
in theTESTQUEUE
.- As a result of the request, the user's current queue permissions will be overridden.
PATCH /v3/queues/TESTQUEUE/permissions HTTP/1.1 Host: api.tracker.yandex.net Authorization: OAuth <OAuth token> X-Org-ID or X-Cloud-Org-ID: <organization_ID> { "create": { "users": ["user1"] }, "write": { "users": ["user1"] } }
Example 2: Grant permission to set up a queue with the
TESTQUEUE
key touser1
and revoke the same permission from the user whose unique ID is12********
.
- The HTTP
PATCH
method is used.- The
TESTQUEUE
setup permission is granted touser1
.- The
TESTQUEUE
setup permission is revoked from the user with the12********
ID.
PATCH /v3/queues/TESTQUEUE/permissions HTTP/1.1 Host: api.tracker.yandex.net Authorization: OAuth <OAuth_token> X-Org-ID or X-Cloud-Org-ID: <organization_ID> { "grant": { "users": { "add":["user1"], "remove":['12********'] } } }
Response format
{
"self": "https://api.tracker.yandex.net/v3/queues/TESTQUEUE/permissions",
"version": 11,
"create": {
"self": "https://api.tracker.yandex.net/v3/queues/TESTQUEUE/permissions/create",
"users": [
{ "self": "https://api.tracker.yandex.net/v3/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://api.tracker.yandex.net/v3/roles/author", "id": "author", "display": "Author" },
{ "self": "https://api.tracker.yandex.net/v3/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://api.tracker.yandex.net/v3/roles/assignee", "id": "assignee", "display": "Assignee" }
]
},
"write": {
"self": "https://api.tracker.yandex.net/v3/queues/TESTQUEUE/permissions/write",
"users": [
{ "self": "https://api.tracker.yandex.net/v3/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://api.tracker.yandex.net/v3/roles/author", "id": "author", "display": "Author" },
{ "self": "https://api.tracker.yandex.net/v3/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://api.tracker.yandex.net/v3/roles/assignee", "id": "assignee", "display": "Assignee" }
]
},
"grant": {
"self": "https://api.tracker.yandex.net/v3/queues/TESTQUEUE/permissions/grant",
"users": [
{ "self": "https://api.tracker.yandex.net/v3/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://api.tracker.yandex.net/v3/roles/author", "id": "author", "display": "Author" },
{ "self": "https://api.tracker.yandex.net/v3/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://api.tracker.yandex.net/v3/roles/assignee", "id": "assignee", "display": "Assignee" }
]
}
}
Response parameters
Parameter | Description | Data type |
---|---|---|
self | Link to the object with granted queue access permissions | String |
version | Version number | Number |
create | Permissions to create issues in a queue | Object |
write | Permissions to edit issues in a queue | Object |
read | Permissions to read issues in a queue | Object |
grant | Permissions to update queue settings | Object |
If the request is processed incorrectly, the API returns a response with an error code:
- 404
- The requested object was not found. You may have specified an invalid object ID or key.