Site API

Use the Site API to get and set site configurations and site ACLs.

See Instabase API authorization and response conventions for authorization, success response, and error response convention details.

For the Site API, api_root defines where to route API requests for your Instabase instance:

import json, requests

api_root = "https://www.instabase.com/api/v1/site"

Get Site config

Use this API to return the list of site configuration and their current state.

This API can be invoked only by a site admin.

Request

headers = {"Authorization": "Bearer {0}".format(token)}
args = {
    "config_name": "RESTRICT_OAUTH_TOKEN_USAGE",
    "set_config": False
}
data = json.dumps(args)
resp = requests.post(api_root + "/config", headers=headers, data=data).json()

Valid configurations are:

  • RESTRICT_OAUTH_TOKEN_USAGE - Either 'True' or 'False'

  • RESTRICTED_UPLOAD_FILE_EXTENSIONS - A stringified JSON list of restricted file types. For example: '["exe", "app"]' prevents upload of files with .exe and .app extensions.

  • ALLOW_USER_UDF_EXECUTION - Either 'True' or 'False'

  • DISALLOW_PUBLIC_SUBSPACES - Either 'True' or 'False'

  • DISALLOW_USER_OWNED_REPOS - Either 'True' or 'False'

  • RESTRICT_REPO_MOUNTING - Either 'True' or 'False'

Response

{
	"status": "OK",
	"config_name": "RESTRICT_OAUTH_TOKEN_USAGE",
	"config_value": "true"
}

Set Site Config

Use this API to update the value of a site configuration. To unset a site config, set config_value to be ''.

Warning: Enable these configs only if you understand their effect on the platform. See Site Management guide.

This API can be invoked only by a site admin.

Request

headers = {"Authorization": "Bearer {0}".format(token)}
args = {
    "config_name": "RESTRICT_OAUTH_TOKEN_USAGE",
    "set_config": True,
    "config_value": "true"
}
data = json.dumps(args)
resp = requests.post(api_root + "/config", headers=headers, data=data).json()

Response

{
	"status": "OK"
}

Get Site ACLs

Use this API to get all the site ACLs granted to users or groups.

This API can be invoked only by a site admin.

Request

headers = {"Authorization": "Bearer {0}".format(token)}
resp = requests.get(api_root + "/acl", headers=headers).json()

Response

{
	"status": "OK",
	"perms": {
    	"site:execute_udf": [],
		"site:use_oauth_token": [],
		"site:manage_users": [
			{
				"type": "user",
				"name": "bob"
			}, {
				"type": "user",
				"name": "stuart"
			}
		],
		"site:manage_orgs": [
			{
				"type": "user",
				"name": "fred"
			}
		]
	}
}

Set Site ACLs

Use this API to grant or revoke site ACLs for users and groups.

This API can be invoked only by a site admin.

Request

headers = {"Authorization": "Bearer {0}".format(token)}

args = {
    "user_acls": [
		{
			"username": "bob",
			"action": "site:execute_udf",
			"is_allowed": True
		},
		{
			"username": "bob",
			"action": "site:use_oauth_token",
			"is_allowed": True
		},
		{
			"username": "stuart",
			"action": "site:execute_udf",
			"is_allowed": True
		},
		{
			"username": "fred",
			"action": "site:execute_udf",
			"is_allowed": False
		}
	],
	"group_acls": [
		{
			"group_name": "eng",
			"action": "site:manage_users",
			"is_allowed": True
		},
		{
			"group_name": "sales",
			"action": "site:manage_users",
			"is_allowed": False
		}
	]
}
data = json.dumps(args)
resp = requests.post(api_root + "/acl", headers=headers, data=data).json()

Valid actions are:

  • site:manage_users

  • site:manage_groups

  • site:manage_orgs

  • site:use_oauth_tokens

  • site:execute_udf

  • site:access_beta_apps

Response

If one or more users was not successfully added, more details are provided in error_details with a JSON dictionary that denotes which users failed to be added and why.

If successful:

{
  "status": "OK",
  "error_details": {
	  "user": {
		  "stuart": "User not found",
		  "fred": "Access denied"
	  },
	  "group": {
		  "sales": "Group not found"
	  }
  }
}

Get database tables setup status

Use this API to get the database tables setup status.

This API is invoked each time the admin page reloads.

Request

headers = {"Authorization": "Bearer {0}".format(token)}
args = {}
data = json.dumps(args)
resp = requests.get(api_root + "/db/setup_tables", headers=headers, data=data).json()

Response

If any required tables are missing in the database:

{
    "status": "OK",
    "is_setup": false
}

If successful:

{
    "status": "OK",
    "is_setup": true
}

Setup database tables

Use this API to setup database tables.

This API can be invoked only by a site admin.

Request

headers = {"Authorization": "Bearer {0}".format(token)}
args = {}
data = json.dumps(args)
resp = requests.post(api_root + "/db/setup_tables", headers=headers, data=data).json()

Response

If successful:

{
    "status": "OK",
}