Membership Tutorial

MES system has a concept of bureau. Every user who uses the MES system must belong to a group in the bureau. The membership in the group grants the user permission to use all of the features of the MES system. To belong to a group is to have membership to the group. To know more about memberships, please refer to user Permissions Tutorial.

In order to make this process easier MES provides two types of resources: /membership-bureau/ and /membership-location/, which adds a user to a group.

Only admin users with specific permissions can grant membership to a bureau or to a location.

Let us see what are the rights that an admin must have:

GET https://users.authentise.com/permission/?
    filter[namespace]=erp
    &filter[holder]=https://users.authentise.com/users/00000000-0000-0000-0000-0000000-ADMIN/

{
    "resources" : [{
        "holder"    : "https://users.authentise.com/users/00000000-0000-0000-0000-0000000-ADMIN/",
        "namespace" : "erp",
        "object"    : "https://erp.authentise.com/bureau/00000000-0000-0000-0000-000000bureau/",
        "right"     : "bureau.membership.all",
        "uri"       : "https://users.authentise.com/permissions/5190dc45-eece-4ecf-af8e-f45dcd57e694/"
     }, {
        "holder"    : "https://users.authentise.com/users/00000000-0000-0000-0000-0000000-ADMIN/",
        "namespace" : "erp",
        "object"    : "https://erp.authentise.com/location/00000000-0000-0000-0000-000000location/",
        "right"     : "location.membership.all",
        "uri"       : "https://users.authentise.com/permissions/a9873028-eece-4ecf-af8e-847364738473/"
     }]
}

We see that the admin has two rights: bureau.membership.all on the bureau and location.membership.all on the location.

Membership on Bureau

We just saw that the admin has the bureau.membership.all right on the bureau. Now he will be able to give membership to a user to belong to the bureau group.

In order to add a user to a bureau’s group you would perform the action below. In this example the user has the URI https://users.authentise.com/users/00000000-0000-0000-0000-0000000-USER/:

POST https://erp.authentise.com/membership-bureau/
Content-Type: application/json

{
    "bureau"    : https://erp.authentise.com/bureau/00000000-0000-0000-0000-000000bureau/
    "user"      : https://users.authentise.com/users/00000000-0000-0000-0000-00000-USER/
}
Location: https://erp.authentise.com/membership-bureau/MEMBERSHIP-FOR-THE-USER-0000/

Now the user belongs to the bureau. Now he can use the features of the services that MES provides for the bureau.

Membership on Location

We also saw that the admin has location.membership.all right on the location. Now he will be able to grant membership to any user to belong to the location group.

In order to add a user to a location’s group you would perform the action below. In this example the user has the URI https://users.authentise.com/users/00000000-0000-0000-0000-0000000-USER/

POST https://erp.authentise.com/membership-location/
Content-Type: application/json

{
    "location"    : https://erp.authentise.com/location/00000000-0000-0000-0000-000000location/
    "user"      : https://users.authentise.com/users/00000000-0000-0000-0000-00000-USER/
}
Location: https://erp.authentise.com/membership-location/MEMBERSHIP-FOR-THE-USER-0000/

Now the user belongs to the location. Now he can use the features of the services that MES provides for the location.

To see how to give permissions to a user please refer to: Permission Tutorial (Legacy). And for creating resources in MES Tutorial and Reference.