Added admin mode, read only status for inactive accounts, and resuce verification
This commit is contained in:
+11
-11
@@ -147,8 +147,8 @@ Integration tokens use the same bearer-token header format, but they are created
|
||||
Workspace roles used by protected endpoints:
|
||||
|
||||
- `owner`
|
||||
- `manager`
|
||||
- `staff`
|
||||
- `assistant`
|
||||
- `caregiver`
|
||||
- `viewer`
|
||||
|
||||
Role requirements are called out per endpoint below. If the signed-in member lacks permission, the API returns:
|
||||
@@ -250,7 +250,7 @@ Role requirements are called out per endpoint below. If the signed-in member lac
|
||||
|
||||
- Dates use `YYYY-MM-DD`
|
||||
- `workspaceType` is `standard` or `rescue`
|
||||
- member `role` is `owner`, `manager`, `staff`, or `viewer`
|
||||
- member `role` is `owner`, `assistant`, `caregiver`, or `viewer`
|
||||
- bird `gender` is `unknown`, `male`, or `female`
|
||||
- bird `chartColor` must be a `#RRGGBB` hex color
|
||||
- `photoDataUrl` must be a base64 `data:image/...` URL
|
||||
@@ -613,7 +613,7 @@ Response `200`:
|
||||
|
||||
#### `PUT /api/workspace`
|
||||
|
||||
Requires auth with write access and role `owner` or `manager`. Updates the active workspace.
|
||||
Requires auth with write access and role `owner` or `assistant`. Updates the active workspace.
|
||||
|
||||
Request body:
|
||||
|
||||
@@ -648,7 +648,7 @@ Response `200`:
|
||||
|
||||
#### `POST /api/workspace/members`
|
||||
|
||||
Requires auth with write access and role `owner` or `manager`. Invites or upserts a workspace member.
|
||||
Requires auth with write access and role `owner` or `assistant`. Invites or upserts a workspace member.
|
||||
|
||||
Request body:
|
||||
|
||||
@@ -670,7 +670,7 @@ Response `201`:
|
||||
|
||||
#### `DELETE /api/workspace/members/:memberId`
|
||||
|
||||
Requires auth with write access and role `owner` or `manager`. Removes a non-owner member.
|
||||
Requires auth with write access and role `owner` or `assistant`. Removes a non-owner member.
|
||||
|
||||
Response `204` with no body.
|
||||
|
||||
@@ -694,7 +694,7 @@ Response `200`:
|
||||
|
||||
#### `POST /api/birds`
|
||||
|
||||
Requires auth with write access and role `owner`, `manager`, or `staff`. Creates a bird.
|
||||
Requires auth with write access and role `owner`, `assistant`, or `caregiver`. Creates a bird.
|
||||
|
||||
Request body:
|
||||
|
||||
@@ -732,7 +732,7 @@ Possible errors:
|
||||
|
||||
#### `PUT /api/birds/:birdId`
|
||||
|
||||
Requires auth with write access and role `owner`, `manager`, or `staff`. Updates a bird.
|
||||
Requires auth with write access and role `owner`, `assistant`, or `caregiver`. Updates a bird.
|
||||
|
||||
Request body matches `POST /api/birds`.
|
||||
|
||||
@@ -751,7 +751,7 @@ Possible errors:
|
||||
|
||||
#### `DELETE /api/birds/:birdId`
|
||||
|
||||
Requires auth with write access and role `owner`, `manager`, or `staff`. Deletes a bird.
|
||||
Requires auth with write access and role `owner`, `assistant`, or `caregiver`. Deletes a bird.
|
||||
|
||||
Response `204` with no body.
|
||||
|
||||
@@ -779,7 +779,7 @@ Response `200`:
|
||||
|
||||
#### `POST /api/birds/:birdId/weights`
|
||||
|
||||
Requires auth with write access and role `owner`, `manager`, or `staff`. Creates a weight entry.
|
||||
Requires auth with write access and role `owner`, `assistant`, or `caregiver`. Creates a weight entry.
|
||||
|
||||
Request body:
|
||||
|
||||
@@ -820,7 +820,7 @@ Response `200`:
|
||||
|
||||
#### `POST /api/birds/:birdId/vet-visits`
|
||||
|
||||
Requires auth with write access and role `owner`, `manager`, or `staff`. Creates a vet visit.
|
||||
Requires auth with write access and role `owner`, `assistant`, or `caregiver`. Creates a vet visit.
|
||||
|
||||
Request body:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user