Changes

stoney core: REST API

487 bytes added, 14:15, 7 September 2014
/* Mandatory headers */
'''Service Provider Person''' > '''Reseller Employee''' > '''Customer Employee''' > '''Reseller Person''' and '''Customer Person'''
The further down the hierarchy you go, the fewer rights a person has (this is currently independent of any existing roles, as these have not been finalized yet).
=== Service Provider Person (SPP) ===
==== Service Provider Person (SPP) Rights ====
A Service Provider Person can just about do anything. The following rights are unique for a Service Provider Person (SPP):
* SPP.000000: '''Create a reseller''': Can create a reseller.
* SPP.010001: '''Retrieve all resellers''': Can retrieve all resellers.
* SPP.020002: '''Retrieve a reseller''': Can retrieve a reseller.
* SPP.030003: '''Update a reseller''': Can update a reseller.
* SPP.040004: '''Partly Update a reseller''': Can partly update a reseller.
* SPP.050005: '''Delete reseller''': Can delete a reseller (if no customers, people or services are linked to the reseller).
* SPP.060006: '''Create a person''': Can create a person (and make them a super user, an employee of one or more reseller(s) and an employee of one or more customer(s)).
* SPP.070007: '''Retrieve all people''': Can retrieve all people.
* SPP.080008: '''Retrieve a person''': Can retrieve a person.
* SPP.090009: '''Update a person''': Can update a person (including making them a super user, an employee of one or more reseller(s) and an employee of one or more customer(s)).
* SPP.100010: '''Partly Update a person''': Can partly update a person.
* SPP.110011: '''Delete person''': Can delete a person (if no services are linked to the person).
=== Reseller Employee (RE) ===
==== Reseller Employee (RE) Rights ====
A Reseller Employee sees the reseller(s) they belong to, themselves, and their own customers, people and services. The following rights exist for a Reseller Employee (RE) and a Service Provider Person (SPP):
* RE.000000: '''Retrieve some resellers''': Can retrieve the reseller(s) they are an employee of.
* RE.010001: '''Retrieve a reseller''': Can retrieve one of the reseller(s) they are an employee of.
* RE.020002: '''Update a reseller''': Can update one of the reseller(s) they are an employee of.
* RE.030003: '''Partly Update a reseller''': Can partly update one of the reseller(s) they are an employee of.
* RE.040004: '''Create a customer''': Can create a customer.
* RE.050005: '''Retrieve all customers''': Can retrieve all their customers.
* RE.060006: '''Retrieve a customer''': Can retrieve one of their customers.
* RE.070007: '''Update a customer''': Can update one of their customers.
* RE.080008: '''Partly Update a customer''': Can partly update one of their customers.
* RE.090009: '''Delete customer''': Can delete one of their customers (if no people or services are linked to the customer).
* RE.100010: '''Create a person''': Can create a person (including making them an employee of their reseller(s) and of their customer(s)).
* RE.110011: '''Retrieve all people''': Can retrieve all their people (of their reseller(s) and their customer(s)).
* RE.120012: '''Retrieve a person''': Can retrieve one of their people (of their reseller(s) and their customer(s)).
* RE.130013: '''Update a person''': Can update a person (including making them an employee of their reseller(s) and of their customer(s)).
* RE.140014: '''Partly Update a person''': Can partly update a person.
* RE.150015: '''Delete person''': Can delete a person (if no services are linked to the person).
=== Customer Employee (CE) ===
==== Customer Employee (CE) Rights ====
A Customer Employee sees the customer(s) they belong to, themselves, and their own people and services. The following rights exist for a Customer Employee (CE), a Reseller Employee (RE) and a Service Provider Person (SPP):
* CE.000000: '''Retrieve some customers''': Can retrieve the customer(s) they are an employee of.
* CE.010001: '''Retrieve a customer''': Can retrieve one of the customer(s) they are an employee of.
* CE.020002: '''Update a customer''': Can update one of the customer(s) they are an employee of.
* CE.030003: '''Partly Update a customer''': Can partly update one of the customer(s) they are an employee of.
* CE.040004: '''Create a person''': Can create a person (including making them an employee of their customer(s)).
* CE.050005: '''Retrieve all people''': Can retrieve all their people (of their customer(s)).
* CE.060006: '''Retrieve a person''': Can retrieve one of their people (of their customer(s)).
* CE.070007: '''Update a person''': Can update a person (including making them an employee of their customer(s)).
* CE.080008: '''Partly Update a person''': Can partly update a person.
* CE.090009: '''Delete person''': Can delete a person (if no services are linked to the person).
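The scoping rules above (an SPP sees everything, an RE only the customers of their reseller(s), a CE only the customer(s) they belong to, a plain person nothing) as a deny-by-default check. This is an added example, not stoney core's own code; the role labels, the Person layout and the sample reseller/customer ids are assumptions made for the illustration.

```python
# Added example, not stoney core's own code: a deny-by-default authorization
# check modelling the role scoping above. Role labels, the Person layout and
# the sample reseller/customer ids are assumptions made for this illustration.
from dataclasses import dataclass, field

SPP, RE, CE, PERSON = "spp", "reseller_employee", "customer_employee", "person"

@dataclass
class Person:
    id: str
    role: str
    reseller_ids: set = field(default_factory=set)   # resellers they are an employee of
    customer_ids: set = field(default_factory=set)   # customers they are an employee of

# Constructed sample tenancy: which reseller each customer belongs to.
CUSTOMER_OWNER = {"cust-1": "res-A", "cust-2": "res-B"}

def may_retrieve_customer(actor: Person, customer_id: str) -> bool:
    """Who may retrieve a customer (SPP: any; RE.060006: own; CE.010001: own)."""
    owner = CUSTOMER_OWNER.get(customer_id)
    if owner is None:                 # unknown resource: deny before any role logic
        return False
    if actor.role == SPP:             # a Service Provider Person sees everything
        return True
    if actor.role == RE:              # only customers of the reseller(s) they work for
        return owner in actor.reseller_ids
    if actor.role == CE:              # only the customer(s) they are an employee of
        return customer_id in actor.customer_ids
    return False                      # a plain Reseller/Customer Person: no customer access

def may_delete_customer(actor: Person, customer_id: str, linked_objects: int) -> bool:
    """RE.090009 (also held by an SPP): delete only if no people or services are
    linked to the customer. A Customer Employee has no delete-customer right."""
    if actor.role not in (SPP, RE):
        return False
    return may_retrieve_customer(actor, customer_id) and linked_objects == 0
```

Every branch that is not explicitly granted falls through to `False`, so a new role or an unknown resource id cannot silently widen access.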
=== Reseller Person (P) and Customer Person (P) ===
| Bad Request
| The request was invalid. A descriptive error message will be sent within the response body.
 
|-
| 401
| Unauthorized
| The client has failed or not yet tried to authenticate.
 
|-
| 403
| Forbidden
| The client is not allowed to access the requested resource.
|-
| 409
| Resource Conflict
| State of the requested resource doesn't permit request.
|-
{
  "error": {
    "module": "core",
    "code": 422,
    "message": "The request was well-formed but was unable to be followed due to semantic errors.",
    "details": [
      {
        "module": "core",
        "code": 1006,
        "field": "isCompany",
        "message": "is invalid, true or false will be accepted"
      },
      {
        "module": "core",
        "code": 5123,
        "field": "password",
* the service must recognize <code>ETag</code>, <code>Last-Modified</code> and <code>Cache-Control: none</code> provided by the client and act accordingly.
* every answer to a GET request must include proper <code>Cache-Control</code> headers
* every PUT and PATCH request to update an object must include the <code>ETag</code> provided by the <code>GET</code> request that initially fetched the object. The API must respond with a <code>428 (Precondition Required)</code> if the ETag is missing.
''Implementation notes'':
=== Input validations ===
The service validates all input it receives from a client and returns a <code>422</code> (Unprocessable Entity) HTTP [[#Error_codes_and_responses|status code together with a descriptive error object]] in case of an input violation in otherwise well-formed JSON. In case a client passes invalid JSON (a JSON parser is unable to parse the JSON string), the service returns a <code>400</code> (Bad Request) HTTP [[#Error_codes_and_responses|status code together with a descriptive error object]] containing the JSON parser error message.
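The mandatory-ETag rule and the 400-versus-422 distinction, applied in one PUT handler that returns the error object in the layout shown above. This is an added example, not stoney core's own code; the <code>If-Match</code> header, the 412 for a stale ETag, the field rules and the detail codes 9001/9002 are assumptions made for the illustration.

```python
# Added example, not stoney core's own code: a PUT handler applying the ETag,
# 400 and 422 rules above. The error-object layout and status codes follow the
# page; the If-Match header, the 412 for a stale ETag, the field rules and the
# detail codes (9001, 9002) are assumptions made for this illustration.
import json

VALIDATION_MSG = ("The request was well-formed but was unable to be followed "
                  "due to semantic errors.")

def error_body(code: int, message: str, details=None) -> dict:
    """Build the error object in the page's layout: module/code/message[/details]."""
    body = {"error": {"module": "core", "code": code, "message": message}}
    if details:
        body["error"]["details"] = details
    return body

def validate_person(doc: dict) -> list:
    """Semantic checks on already-parsed JSON; every violation names its field."""
    details = []
    if len(str(doc.get("firstName", ""))) > 35:
        details.append({"module": "core", "code": 9001, "field": "firstName",
                        "message": "First name cannot be longer than 35 characters"})
    if not isinstance(doc.get("isCompany", False), bool):
        details.append({"module": "core", "code": 9002, "field": "isCompany",
                        "message": "is invalid, true or false will be accepted"})
    return details

def handle_put(headers: dict, raw_body: str, current_etag: str) -> tuple:
    """Return (status, body). Checks run: precondition, then syntax, then semantics."""
    etag = headers.get("If-Match")
    if etag is None:                        # page: the ETag from the initial GET is mandatory
        return 428, error_body(428, "Precondition Required")
    if etag != current_etag:                # lost update: object changed since the client's GET
        return 412, error_body(412, "Precondition Failed")
    try:
        doc = json.loads(raw_body)
    except json.JSONDecodeError as exc:     # page: unparsable JSON -> 400 with the parser message
        return 400, error_body(400, "Bad Request: " + str(exc))
    if not isinstance(doc, dict):           # valid JSON but not an object: semantic, not syntax
        return 422, error_body(422, VALIDATION_MSG)
    details = validate_person(doc)
    if details:                             # page: well-formed but invalid -> 422 with details
        return 422, error_body(422, VALIDATION_MSG, details)
    return 200, {"person": doc}             # a real handler would persist and return a fresh ETag
```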
= Notes =