Permissions
The permission system allows for restriction of various actions within Qubicle. Permissions are assigned by creating roles and then assigning those roles to recipients and queues.
| Permission | Description |
|---|---|
| call_monitor | Enables Eavesdrop / Whisper / Barge actions |
| queue_edit | Enables editing of queue settings |
| queue_add | Enables adding new queues |
| queue_remove | Enables deleting queues |
| queue_edit_membership | Enables editing of queue membership |
| queue_edit_managers | Enables editing of queue managers |
| logout_recipients | Enables logging out of other recipients |
| view_recipient_status | Enables viewing of other recipients’ status |
System Default Roles
Admin
| Permission | Default Value |
|---|---|
| call_monitor | enabled |
| queue_edit | enabled |
| queue_add | enabled |
| queue_remove | enabled |
| queue_edit_membership | enabled |
| queue_edit_managers | enabled |
| logout_recipients | enabled |
| view_recipient_status | enabled |
Manager
| Permission | Default Value |
|---|---|
| call_monitor | enabled |
| queue_edit | enabled |
| queue_add | disabled |
| queue_remove | disabled |
| queue_edit_membership | enabled |
| queue_edit_managers | enabled |
| logout_recipients | enabled |
| view_recipient_status | enabled |
Agent
| Permission | Default Value |
|---|---|
| call_monitor | disabled |
| queue_edit | disabled |
| queue_add | disabled |
| queue_remove | disabled |
| queue_edit_membership | disabled |
| queue_edit_managers | disabled |
| logout_recipients | disabled |
| view_recipient_status | disabled |
Permissions for queues
All permissions can be assigned either globally for a recipient, or on a per-queue basis. The ultimate permissions that a recipient will be granted for a specific queue are a merge of the globally assigned permissions and the queue specific permissions.
Listing all roles
GET /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles{
"data":[
{"id": {ROLE_ID}, "name": {ROLE_NAME}},
{"id": {ROLE_ID2}, "name": {ROLE_NAME2}},
{"id": {ROLE_ID3}, "name": {ROLE_NAME3}}
],
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Creating a role
The following example shows how to create a role called “Monitor” and assign only the “call_monitor” permission.
PUT /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -X PUT -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles/ -d '{"data":{"name": "Monitor", "permissions": ["call_monitor"]}'{
"data":{
"name":"Monitor"
"permissions":[
"call_monitor"
]
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Updating a role
The following example shows how to update the “Monitor” role and assign the “queue_edit” permission in addition to “call_monitor”.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles/{ROLE_ID} -d '{"data":{"name": "Monitor", "permissions": ["call_monitor", "queue_edit"]}'{
"data":{
"name":"Monitor"
"permissions":[
"call_monitor",
"queue_edit"
]
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Deleting a role
The following example shows how to delete a role.
DELETE /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -X DELETE -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles/{ROLE_ID}{
"data":{
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Global role management
Assigning a role globally
The following example shows how to assign the “Monitor” role to a recipient globally (for all queues) using the roles API to find the ID and then setting the permission role using the recipients API.
GET /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -X GET -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles/{
"data":[
{"id": {ROLE_ID}, "name": "Monitor"}
],
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Now we can take the {ROLE_ID} and assign it to a recipient.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_recipients/{RECIPIENT_ID}/roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_recipients/{RECIPIENT_ID}/roles -d '{"data":{"action":"assign","roles":["{ROLE_ID}"]}}'{
"data":{
"result":"ok"
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Removing a role globally
The following example shows how to remove the “Monitor” role from a recipient globally (for all queues) using the roles API to find the ID and then setting the permission role using the recipients API.
GET /v2/accounts/{ACCOUNT_ID}/qubicle_roles
curl -v -X GET -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_roles/{
"data":[
{"id": {ROLE_ID}, "name": "Monitor"}
],
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Now we can take the {ROLE_ID} and remove it.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_recipients/{RECIPIENT_ID}/roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_recipients/{RECIPIENT_ID}/roles -d '{"data":{"action":"remove","roles":["{ROLE_ID}"]}}'{
"data":{
"result":"ok"
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Per Queue role management
Assigning a role
The following example shows how to assign a role to a recipient for a given queue, this assumes you already know the {ROLE_ID} and {QUEUE_ID}.
NOTE If the recipient specified is NOT a member of the queue currently, they WILL BE ADDED as a member as a result of this action.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_queues/{QUEUE_ID}/roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_queues/{queue_ID}/roles -d '{"data":{"action":"assign", "recipient":"{RECIPIENT_ID}", "roles":["{ROLE_ID}"]}}'{
"data":{
{QUEUE_CONFIG_DATA}
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Removing a role
The following example shows how to remove a role from a recipient for a given queue, this assumes you already know the {ROLE_ID} and {QUEUE_ID}.
NOTE The recipient will NOT be removed from the queue membership as a result of this action.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_queues/{QUEUE_ID}/roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_queues/{queue_ID}/roles -d '{"data":{"action":"remove", "recipient":"{RECIPIENT_ID}", "roles":["{ROLE_ID}"]}}'{
"data":{
{QUEUE_CONFIG_DATA}
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}Setting multiple roles
This example will show how to bulk set roles for recipients in a queue. This action can also be used to set the queue membership at the same time.
NOTE If the ‘set_membership’ flag is set to ‘true’ this action will modify the queue membership to ONLY contain the specified recipients. If it is ‘false’ then ONLY the EXISTING members of the queue will have their roles set.
POST /v2/accounts/{ACCOUNT_ID}/qubicle_queues/{QUEUE_ID}/roles
curl -v -X POST -H "X-Auth-Token: {AUTH_TOKEN}" -H "Content-Type: application/json" http://{SERVER}:8000/v2/accounts/{ACCOUNT_ID}/qubicle_queues/{queue_ID}/roles -d '{"data":{"action":"set", "set_membership": {OPTIONAL_BOOLEAN}, "recipients": [{{RECIP_ID_1}: [{ROLE_ID_1}]}, {{RECIP_ID_2}, [{ROLE_ID_2}, {ROLE_ID_3}]}]}}'{
"data":{
{QUEUE_CONFIG_DATA}
},
"status":"success",
"request_id":"{REQUEST_ID}",
"auth_token":"{AUTH_TOKEN}"
}