Grant queue access rights
This request allows you to set up queue access permissions.
Request format
Before making a request, get permission to access the API.
To set up queue access permissions, use an HTTP PATCH
request. Request parameters are provided in the request body in JSON format.
PATCH /v2/queues/<queue_ID_or_key>/permissions
Host: https://api.tracker.yandex.net
Authorization: OAuth <OAuth_token>
X-Org-ID: <organization ID>
{
"create": {
"groups": [<group_1_ID>, <group_2_ID>]
},
"write": {
"users": {
"remove": ["<user_1_username>", "<user_2_ID>"]
},
"groups": {
"add":[<group_1_ID>]
},
"roles": {
"add":["author", "assignee"]
}
},
"read": {
"groups": {
"add":[<group_3_ID>]
},
"roles": {
"add":["follower"]
}
},
"grant": {
"users": {
"remove": ["<user_4_account_ID>", "<user_2_ID>"]
},
},
}
Headers
-
Host
Address of the node that provides the API:
https://api.tracker.yandex.net
-
Authorization
OAuth token in
OAuth <OAuth_token>
format, e.g.:OAuth 0c4181a7c2cf4521964a72ff********
-
X-Org-ID or X-Cloud-Org-ID
Organization ID. You can find it out on the Tracker organizations page
.- If a Yandex 360 for Business organization is the only one linked to Tracker, the
X-Org-ID
header is used. - If a Yandex Cloud Organization organization is the only one linked to Tracker, the
X-Cloud-Org-ID
header is used. - If both Yandex 360 for Business and Yandex Cloud Organization organizations are linked to Tracker at the same time, the
X-Org-ID
header and the Yandex 360 for Business organization ID are used.
- If a Yandex 360 for Business organization is the only one linked to Tracker, the
Resource
Parameter | Description | Data type |
---|---|---|
<queue_ID_or_key> | Queue ID or key. The queue key is case-sensitive. | String |
Request body parameters
The request body contains information required for access management.
Acceptable request body object fields
Specify at least one of the following fields in your request:
Parameter | Description | Data type |
---|---|---|
create | Permissions to create issues in a queue | Object |
write | Permissions to edit issues in a queue | Object |
read | Permissions to read issues in a queue | Object |
grant | Permissions to update queue settings | Object |
Acceptable object fields that permissions apply to
Each of the request body fields contains a list of users, groups, and roles that the respective permission action applies to. Specify at least one of the following fields in the list:
Parameter | Description | Data type |
---|---|---|
users | User list | Object or array of elements |
groups | Group list | Object or array of elements |
roles | Role list | Object or array of elements |
Acceptable object field values that permissions apply to
In each field, you can specify either an array of IDs or an object:
- If an array of IDs is set, permissions for the specified resources will be created or overridden as requested.
- If an object is set, permissions will be added or revoked based on the specified key:
Key | Description | Data type |
---|---|---|
add | Add a permission | Array of elements |
remove | Revoke a permission | Array of elements |
Acceptable IDs
Resource type | ID | Description | Data type |
---|---|---|---|
users | uid | Unique ID of the user Tracker account. | Number |
passportUid | Unique ID of the user account in the Yandex 360 for Business organization and Yandex ID. | Number | |
login | User's login. | String | |
cloudUid | User unique ID in Yandex Cloud Organization. | String | |
trackerUid | Unique ID of the user Tracker account. | Number | |
groups | id | Group ID | Number |
roles | role_id | Role ID | String |
Note
Role IDs include:
author
: Authorassignee
: Assigneefollower
: Followeraccess
: With the right of access
You can get group IDs using the https://api.tracker.yandex.net/v2/groups
request.
Example 1: Grant permissions to create and edit issues in a queue with the
TESTQUEUE
key to the user nameduser1
.
- The HTTP
PATCH
method is used.- The permissions are granted to
user1
in theTESTQUEUE
.- As a result of the request, the user's current queue permissions will be overridden.
PATCH /v2/queues/TESTQUEUE/permissions HTTP/1.1 Host: https://api.tracker.yandex.net Authorization: OAuth <OAuth token> X-Org-ID: <organization ID> { "create": { "users": ["user1"] }, "write": { "users": ["user1"] } }
Example 2: Grant permission to set up a queue with the
TESTQUEUE
key touser1
and revoke the same permission from the user whose unique ID is12********
.
- The HTTP
PATCH
method is used.- The
TESTQUEUE
setup permission is granted touser1
.- The
TESTQUEUE
setup permission is revoked from the user with the12********
ID.PATCH /v2/queues/TESTQUEUE/permissions HTTP/1.1 Host: https://api.tracker.yandex.net Authorization: OAuth <OAuth_token> X-Org-ID: <organization ID> { "grant": { "users": { "add":["user1"], "remove":['12********'] } } }
Response format
{
"self": "https://https://api.tracker.yandex.net/v2/queues/TESTQUEUE/permissions",
"version": 11,
"create": {
"self": "https://https://api.tracker.yandex.net/v2/queues/TESTQUEUE/permissions/create",
"users": [
{ "self": "https://https://api.tracker.yandex.net/v2/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://https://api.tracker.yandex.net/v2/roles/author", "id": "author", "display": "Author" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/assignee", "id": "assignee", "display": "Assignee" }
]
},
"write": {
"self": "https://https://api.tracker.yandex.net/v2/queues/TESTQUEUE/permissions/write",
"users": [
{ "self": "https://https://api.tracker.yandex.net/v2/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://https://api.tracker.yandex.net/v2/roles/author", "id": "author", "display": "Author" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/assignee", "id": "assignee", "display": "Assignee" }
]
},
"grant": {
"self": "https://https://api.tracker.yandex.net/v2/queues/TESTQUEUE/permissions/grant",
"users": [
{ "self": "https://https://api.tracker.yandex.net/v2/users/98********", "id": "98********", "display": "User 1", "cloudUid": "ajej6h7nffmtaf*****", "passportUid": 98******** }
],
"roles": [
{ "self": "https://https://api.tracker.yandex.net/v2/roles/author", "id": "author", "display": "Author" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/queue-lead", "id": "queue-lead", "display": "Queue owner" },
{ "self": "https://https://api.tracker.yandex.net/v2/roles/assignee", "id": "assignee", "display": "Assignee" }
]
}
}
Response parameters
Parameter | Description | Data type |
---|---|---|
self | Link to the object with granted queue access permissions | String |
version | Version number | Number |
create | Permissions to create issues in a queue | Object |
write | Permissions to edit issues in a queue | Object |
read | Permissions to read issues in a queue | Object |
grant | Permissions to update queue settings | Object |
If the request is processed incorrectly, the API returns a response with an error code:
- 404
- The requested object was not found. You may have specified an invalid object ID or key.