diff --git a/CHANGELOG.md b/CHANGELOG.md
index 278af9d..8e4860e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,42 @@
# Changelog Hiber API
+### 0.176 (2023-12-19)
+
+##### ModemService
+
+- Fixed a bug in `Grouped` where the total count did not include devices in child organizations.
+- Better validation when explicit modems are given, but not found.
+ This could previously result in an empty result, or those items missing from the list.
+ Now, a proper error is given that you have provided a modem you do not have access to.
+ - This fix also applies to other usages for the ModemSelection object.
+
+##### SupportPermissions
+
+- Added `MANAGE_DEVICE_TRANSMISSION_INTERVAL` to replace `CUSTOMER_SUPPORT` for updating transmission interval.
+- Added `MANAGE_DEVICE_SLA` to replace `CUSTOMER_SUPPORT` for updating SLA configuration.
+- Added `DEVICE_VIEW_ALL_LIFECYCLES` to replace `CUSTOMER_SUPPORT` for seeing all possible lifecycles.
+- Added `MANAGE_DEVICE_NOTES` to replace `CUSTOMER_SUPPORT` for updating customer support device notes.
+
+##### TokenService
+
+- Add `user_details`, including name and email address, of the token owner, to `Token`.
+
+##### UserService
+
+- Added `support_permissions` to `User` and `UserSelection`.
+- Removed all options to set individual permissions on users
+ - Removed deprecated `UpdateUserPermissions`.
+ - Removed deprecated option `permissions` in
+ - `ApproveUserRequest`
+ - `InviteUserRequest`
+ - `CreateUserRequest`
+ - `CreateUsersRequest`
+ - Renamed `override_allow_no_permissions` to `override_allow_no_roles` in
+ - `ApproveUserRequest`
+ - `InviteUserRequest`
+ - `CreateUserRequest`
+ - `CreateUsersRequest`
+
### 0.175 (2023-12-12)
##### ValueService
diff --git a/docs/html/event.html b/docs/html/event.html
index 0af8cb1..dd55be4 100644
--- a/docs/html/event.html
+++ b/docs/html/event.html
@@ -2146,6 +2146,10 @@ Table of Contents
MToken
+
+ MToken.UserDetails
+
+
MTokenSelection
@@ -22486,6 +22490,13 @@ Token
|
+
+ | user_details |
+ Token.UserDetails |
+ |
+ |
+
+
| organization |
string |
@@ -22535,6 +22546,44 @@ Token
+ Token.UserDetails
+
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | id |
+ string |
+ |
+ |
+
+
+
+ | email |
+ string |
+ |
+ |
+
+
+
+ | name |
+ string |
+ |
+ |
+
+
+
+
+
+
+
+
+
TokenSelection
diff --git a/docs/html/permission.html b/docs/html/permission.html
index 6364c74..bc4099a 100644
--- a/docs/html/permission.html
+++ b/docs/html/permission.html
@@ -431,7 +431,31 @@ SupportPermission
| INTEGRATION_SHELL_SSIP |
4 |
- |
+ Manage Shell SSIP integration. |
+
+
+
+ | MANAGE_DEVICE_TRANSMISSION_INTERVAL |
+ 5 |
+ Manage device transmission interval (actual interval). |
+
+
+
+ | MANAGE_DEVICE_SLA |
+ 6 |
+ Manage device SLA values (minimum messages per day). |
+
+
+
+ | DEVICE_VIEW_ALL_LIFECYCLES |
+ 7 |
+ View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. |
+
+
+
+ | MANAGE_DEVICE_NOTES |
+ 8 |
+ Assign device notes. |
diff --git a/docs/html/role.html b/docs/html/role.html
index 4baffc7..1748c00 100644
--- a/docs/html/role.html
+++ b/docs/html/role.html
@@ -2901,7 +2901,31 @@ SupportPermission
| INTEGRATION_SHELL_SSIP |
4 |
- |
+ Manage Shell SSIP integration. |
+
+
+
+ | MANAGE_DEVICE_TRANSMISSION_INTERVAL |
+ 5 |
+ Manage device transmission interval (actual interval). |
+
+
+
+ | MANAGE_DEVICE_SLA |
+ 6 |
+ Manage device SLA values (minimum messages per day). |
+
+
+
+ | DEVICE_VIEW_ALL_LIFECYCLES |
+ 7 |
+ View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. |
+
+
+
+ | MANAGE_DEVICE_NOTES |
+ 8 |
+ Assign device notes. |
diff --git a/docs/html/token.html b/docs/html/token.html
index 26c4b20..7f31331 100644
--- a/docs/html/token.html
+++ b/docs/html/token.html
@@ -206,6 +206,10 @@ Table of Contents
MToken
+
+ MToken.UserDetails
+
+
MTokenSelection
@@ -756,6 +760,13 @@ Token
|
+
+ | user_details |
+ Token.UserDetails |
+ |
+ |
+
+
| organization |
string |
@@ -805,6 +816,44 @@ Token
+ Token.UserDetails
+
+
+
+
+
+ | Field | Type | Label | Description |
+
+
+
+
+ | id |
+ string |
+ |
+ |
+
+
+
+ | email |
+ string |
+ |
+ |
+
+
+
+ | name |
+ string |
+ |
+ |
+
+
+
+
+
+
+
+
+
TokenSelection
@@ -3547,7 +3596,31 @@ SupportPermission
| INTEGRATION_SHELL_SSIP |
4 |
- |
+ Manage Shell SSIP integration. |
+
+
+
+ | MANAGE_DEVICE_TRANSMISSION_INTERVAL |
+ 5 |
+ Manage device transmission interval (actual interval). |
+
+
+
+ | MANAGE_DEVICE_SLA |
+ 6 |
+ Manage device SLA values (minimum messages per day). |
+
+
+
+ | DEVICE_VIEW_ALL_LIFECYCLES |
+ 7 |
+ View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. |
+
+
+
+ | MANAGE_DEVICE_NOTES |
+ 8 |
+ Assign device notes. |
diff --git a/docs/html/user.html b/docs/html/user.html
index 7c68404..ff491e8 100644
--- a/docs/html/user.html
+++ b/docs/html/user.html
@@ -258,14 +258,6 @@ Table of Contents
MTestUserValidationRequest.Response
-
- MUpdateUserPermissionsRequest
-
-
-
- MUpdateUserPermissionsRequest.Response
-
-
MUpdateUserRoles
@@ -575,13 +567,6 @@ ApproveUserRequest
|
-
- | permissions |
- hiber.Filter.OrganizationPermissions |
- |
- Deprecated. Permissions the new user should get. DEPRECATED in favor of roles. |
-
-
| roles |
hiber.Filter.Roles |
@@ -590,10 +575,10 @@ ApproveUserRequest
- | override_allow_no_permissions |
+ override_allow_no_roles |
bool |
|
- By default, the server returns an error when you don't specify any permissions or roles.
+ | By default, the server returns an error when you don't specify any roles.
Set this to true to allow it. |
@@ -601,27 +586,6 @@ ApproveUserRequest
-
-
- Fields with deprecated option
-
-
-
- | Name |
- Option |
-
-
-
-
-
- | permissions |
- true |
-
-
-
-
-
-
@@ -670,13 +634,6 @@ CreateUserRequest
Optional. If no password is given, the account can only be accessed using a password reset. |
-
- | permissions |
- hiber.Filter.OrganizationPermissions |
- |
- Deprecated. Permissions the new user should get. DEPRECATED in favor of roles. |
-
-
| roles |
hiber.Filter.Roles |
@@ -703,42 +660,21 @@ CreateUserRequest
bool |
|
When the user cannot be created, (i.e. they already exist because they are in a different organization)
-we can send an invite instead, effectively calling InviteUserRequest with the email and permissions.
+we can send an invite instead, effectively calling InviteUserRequest with the email and roles.
Set this to true to allow this behaviour. |
- | override_allow_no_permissions |
+ override_allow_no_roles |
bool |
|
- By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. |
+ By default, the server returns an error when you don't specify any roles. Set this to true to allow it. |
-
-
- Fields with deprecated option
-
-
-
- | Name |
- Option |
-
-
-
-
-
- | permissions |
- true |
-
-
-
-
-
-
@@ -766,15 +702,6 @@ CreateUsersRequest
Users to create. Allows for individual impersonation and mail settings. |
-
- | permissions |
- hiber.Filter.OrganizationPermissions |
- |
- Deprecated. Permissions the new users should get.
-Can be replaced for specific settings in the CreateUserRequest.
-DEPRECATED in favor of roles. |
-
-
| roles |
hiber.Filter.Roles |
@@ -800,27 +727,6 @@ CreateUsersRequest
-
-
- Fields with deprecated option
-
-
-
- | Name |
- Option |
-
-
-
-
-
- | permissions |
- true |
-
-
-
-
-
-
@@ -903,13 +809,6 @@ InviteUserRequest
Invite the user again, even if there is an open invite. This can be done a limited amount of times. |
-
- | permissions |
- hiber.Filter.OrganizationPermissions |
- |
- Deprecated. Permissions the new user should get. DEPRECATED in favor of roles. |
-
-
| roles |
hiber.Filter.Roles |
@@ -918,10 +817,10 @@ InviteUserRequest
- | override_allow_no_permissions |
+ override_allow_no_roles |
bool |
|
- By default, the server returns an error when you don't specify any permissions or roles.
+ | By default, the server returns an error when you don't specify any roles.
Set this to true to allow it. |
@@ -929,27 +828,6 @@ InviteUserRequest
-
-
- Fields with deprecated option
-
-
-
- | Name |
- Option |
-
-
-
-
-
- | permissions |
- true |
-
-
-
-
-
-
@@ -1323,79 +1201,6 @@ TestUserValidationRequest
- UpdateUserPermissionsRequest
-
DEPRECATED in favor of roles.
-
-
-
-
- | Field | Type | Label | Description |
-
-
-
-
- | organization |
- string |
- |
- Pick the organization to use (/impersonate). If unset, your default organization is used. |
-
-
-
- | user_ids |
- string |
- repeated |
- |
-
-
-
- | new_permissions |
- hiber.Filter.OrganizationPermissions |
- |
- Deprecated. The previous permissions are replaced! |
-
-
-
- | override_allow_no_permissions |
- bool |
- |
- By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. |
-
-
-
-
-
-
-
-
- Fields with deprecated option
-
-
-
- | Name |
- Option |
-
-
-
-
-
- | new_permissions |
- true |
-
-
-
-
-
-
-
-
-
- UpdateUserPermissionsRequest.Response
-
-
-
-
-
-
UpdateUserRoles
@@ -1442,10 +1247,10 @@ UpdateUserRoles.Request
- | override_allow_no_permissions |
+ override_allow_no_roles |
bool |
|
- By default, the server returns an error when you don't specify any permissions.
+ | By default, the server returns an error when you don't specify any roles.
Set this to true to allow it. |
@@ -1580,18 +1385,27 @@ User
|
+
+ | roles |
+ string |
+ repeated |
+ Roles for the current organization. |
+
+
| permissions |
hiber.Filter.OrganizationPermissions |
|
- |
+ Permissions for the current organization. |
- | roles |
- string |
- repeated |
- |
+ support_permissions |
+ hiber.Filter.SupportPermissions |
+ |
+ Permissions for customer support.
+Used for features typically reserved for customer support, or that behave differently
+when used by a customer support operator. |
@@ -1764,14 +1578,21 @@ UserSelection
roles |
hiber.Filter.Roles |
|
- |
+ Select users by roles for the current organization. |
| permissions |
hiber.Filter.OrganizationPermissions |
|
- |
+ Select users by permissions for the current organization. |
+
+
+
+ | support_permissions |
+ hiber.Filter.SupportPermissions |
+ |
+ Select users by permissions for customer support. |
@@ -1924,13 +1745,6 @@ UserService
|
-
- | UpdateUserPermissions |
- UpdateUserPermissionsRequest |
- UpdateUserPermissionsRequest.Response |
- |
-
-
| GetUserValidation |
GetUserValidationRequest |
@@ -1963,27 +1777,6 @@ UserService
-
-
- Methods with deprecated option
-
-
-
- | Method Name |
- Option |
-
-
-
-
-
- | UpdateUserPermissions |
- true |
-
-
-
-
-
-
diff --git a/docs/md/event.md b/docs/md/event.md
index be0e325..b04b3b1 100644
--- a/docs/md/event.md
+++ b/docs/md/event.md
@@ -363,6 +363,7 @@
- [hiber.token.ListTokensRequest](#hibertokenlisttokensrequest)
- [hiber.token.ListTokensRequest.Response](#hibertokenlisttokensrequestresponse)
- [hiber.token.Token](#hibertokentoken)
+ - [hiber.token.Token.UserDetails](#hibertokentokenuserdetails)
- [hiber.token.TokenSelection](#hibertokentokenselection)
- [hiber.token.UpdateTokenOrganizationPermissionsRequest](#hibertokenupdatetokenorganizationpermissionsrequest)
- [hiber.token.UpdateTokenOrganizationPermissionsRequest.Response](#hibertokenupdatetokenorganizationpermissionsrequestresponse)
@@ -4372,6 +4373,7 @@ so not all messages listed here are referenced.)
| id | [ int64](#int64) | none |
| name | [ string](#string) | none |
| user_id | [ string](#string) | none |
+| user_details | [ hiber.token.Token.UserDetails](#hibertokentokenuserdetails) | none |
| organization | [ string](#string) | none |
| expires_at | [ hiber.Timestamp](#hibertimestamp) | none |
| user_permissions | [repeated hiber.UserPermission](#hiberuserpermission) | none |
@@ -4379,6 +4381,16 @@ so not all messages listed here are referenced.)
| roles | [repeated string](#string) | none |
| type | [ hiber.token.Token.Type](#hibertokentokentype) | none |
+### hiber.token.Token.UserDetails
+
+
+
+| Field | Type | Description |
+| ----- | ---- | ----------- |
+| id | [ string](#string) | none |
+| email | [ string](#string) | none |
+| name | [ string](#string) | none |
+
### hiber.token.TokenSelection
diff --git a/docs/md/permission.md b/docs/md/permission.md
index c0b812a..daac2cb 100644
--- a/docs/md/permission.md
+++ b/docs/md/permission.md
@@ -74,7 +74,11 @@ when used by a customer support operator.
| MANAGE_ORGANIZATION_FEATURE | Manage organization feature flags. | 1 |
| MANAGE_DEVICE_TYPE | Change the device type for devices. | 2 |
| CUSTOM_TAGS | Create and assign custom tags. | 3 |
-| INTEGRATION_SHELL_SSIP | none | 4 |
+| INTEGRATION_SHELL_SSIP | Manage Shell SSIP integration. | 4 |
+| MANAGE_DEVICE_TRANSMISSION_INTERVAL | Manage device transmission interval (actual interval). | 5 |
+| MANAGE_DEVICE_SLA | Manage device SLA values (minimum messages per day). | 6 |
+| DEVICE_VIEW_ALL_LIFECYCLES | View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. | 7 |
+| MANAGE_DEVICE_NOTES | Assign device notes. | 8 |
### UserPermission
UserPermissions are generally used to limit what a token can do to its user.
diff --git a/docs/md/role.md b/docs/md/role.md
index f3ffbdb..1217264 100644
--- a/docs/md/role.md
+++ b/docs/md/role.md
@@ -164,7 +164,11 @@ when used by a customer support operator.
| MANAGE_ORGANIZATION_FEATURE | Manage organization feature flags. | 1 |
| MANAGE_DEVICE_TYPE | Change the device type for devices. | 2 |
| CUSTOM_TAGS | Create and assign custom tags. | 3 |
-| INTEGRATION_SHELL_SSIP | none | 4 |
+| INTEGRATION_SHELL_SSIP | Manage Shell SSIP integration. | 4 |
+| MANAGE_DEVICE_TRANSMISSION_INTERVAL | Manage device transmission interval (actual interval). | 5 |
+| MANAGE_DEVICE_SLA | Manage device SLA values (minimum messages per day). | 6 |
+| DEVICE_VIEW_ALL_LIFECYCLES | View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. | 7 |
+| MANAGE_DEVICE_NOTES | Assign device notes. | 8 |
#### hiber.UserPermission
UserPermissions are generally used to limit what a token can do to its user.
diff --git a/docs/md/token.md b/docs/md/token.md
index 0bb0627..fd6f042 100644
--- a/docs/md/token.md
+++ b/docs/md/token.md
@@ -17,6 +17,7 @@
- [ListTokensRequest](#listtokensrequest)
- [ListTokensRequest.Response](#listtokensrequestresponse)
- [Token](#token)
+ - [Token.UserDetails](#tokenuserdetails)
- [TokenSelection](#tokenselection)
- [UpdateTokenOrganizationPermissionsRequest](#updatetokenorganizationpermissionsrequest)
- [UpdateTokenOrganizationPermissionsRequest.Response](#updatetokenorganizationpermissionsrequestresponse)
@@ -202,6 +203,7 @@
| id | [ int64](#int64) | none |
| name | [ string](#string) | none |
| user_id | [ string](#string) | none |
+| user_details | [ Token.UserDetails](#tokenuserdetails) | none |
| organization | [ string](#string) | none |
| expires_at | [ hiber.Timestamp](#hibertimestamp) | none |
| user_permissions | [repeated hiber.UserPermission](#hiberuserpermission) | none |
@@ -209,6 +211,16 @@
| roles | [repeated string](#string) | none |
| type | [ Token.Type](#tokentype) | none |
+### Token.UserDetails
+
+
+
+| Field | Type | Description |
+| ----- | ---- | ----------- |
+| id | [ string](#string) | none |
+| email | [ string](#string) | none |
+| name | [ string](#string) | none |
+
### TokenSelection
@@ -367,7 +379,11 @@ when used by a customer support operator.
| MANAGE_ORGANIZATION_FEATURE | Manage organization feature flags. | 1 |
| MANAGE_DEVICE_TYPE | Change the device type for devices. | 2 |
| CUSTOM_TAGS | Create and assign custom tags. | 3 |
-| INTEGRATION_SHELL_SSIP | none | 4 |
+| INTEGRATION_SHELL_SSIP | Manage Shell SSIP integration. | 4 |
+| MANAGE_DEVICE_TRANSMISSION_INTERVAL | Manage device transmission interval (actual interval). | 5 |
+| MANAGE_DEVICE_SLA | Manage device SLA values (minimum messages per day). | 6 |
+| DEVICE_VIEW_ALL_LIFECYCLES | View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. | 7 |
+| MANAGE_DEVICE_NOTES | Assign device notes. | 8 |
#### hiber.UserPermission
UserPermissions are generally used to limit what a token can do to its user.
diff --git a/docs/md/user.md b/docs/md/user.md
index a4728b5..b0e50f1 100644
--- a/docs/md/user.md
+++ b/docs/md/user.md
@@ -30,8 +30,6 @@
- [ResetUserPasswordRequest.Response](#resetuserpasswordrequestresponse)
- [TestUserValidationRequest](#testuservalidationrequest)
- [TestUserValidationRequest.Response](#testuservalidationrequestresponse)
- - [UpdateUserPermissionsRequest](#updateuserpermissionsrequest)
- - [UpdateUserPermissionsRequest.Response](#updateuserpermissionsrequestresponse)
- [UpdateUserRoles](#updateuserroles)
- [UpdateUserRoles.Request](#updateuserrolesrequest)
- [UpdateUserRoles.Request.ModifyRoles](#updateuserrolesrequestmodifyroles)
@@ -167,12 +165,6 @@
-### UpdateUserPermissions
-> **rpc** UpdateUserPermissions([UpdateUserPermissionsRequest](#updateuserpermissionsrequest))
- [UpdateUserPermissionsRequest.Response](#updateuserpermissionsrequestresponse)
-
-
-
### GetUserValidation
> **rpc** GetUserValidation([GetUserValidationRequest](#getuservalidationrequest))
[UserValidation](#uservalidation)
@@ -208,9 +200,8 @@
| ----- | ---- | ----------- |
| organization | [ string](#string) | Pick the organization to use (/impersonate). If unset, your default organization is used. |
| user_ids | [repeated string](#string) | none |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Permissions the new user should get. DEPRECATED in favor of roles. |
| roles | [ hiber.Filter.Roles](#hiberfilterroles) | Roles the new user should get. |
-| override_allow_no_permissions | [ bool](#bool) | By default, the server returns an error when you don't specify any permissions or roles. Set this to true to allow it. |
+| override_allow_no_roles | [ bool](#bool) | By default, the server returns an error when you don't specify any roles. Set this to true to allow it. |
### ApproveUserRequest.Response
@@ -227,12 +218,11 @@
| email | [ string](#string) | none |
| name | [ string](#string) | none |
| password | [ string](#string) | Optional. If no password is given, the account can only be accessed using a password reset. |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Permissions the new user should get. DEPRECATED in favor of roles. |
| roles | [ hiber.Filter.Roles](#hiberfilterroles) | Roles the new user should get. |
| send_verification_mail | [ bool](#bool) | Send an automated email prompting the user to verify their email address. |
| send_password_reset_mail | [ bool](#bool) | Send an automated email prompting the user to set a password. Recommended when password is not set. |
-| allow_invite_instead | [ bool](#bool) | When the user cannot be created, (i.e. they already exist because they are in a different organization) we can send an invite instead, effectively calling InviteUserRequest with the email and permissions. Set this to true to allow this behaviour. |
-| override_allow_no_permissions | [ bool](#bool) | By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. |
+| allow_invite_instead | [ bool](#bool) | When the user cannot be created, (i.e. they already exist because they are in a different organization) we can send an invite instead, effectively calling InviteUserRequest with the email and roles. Set this to true to allow this behaviour. |
+| override_allow_no_roles | [ bool](#bool) | By default, the server returns an error when you don't specify any roles. Set this to true to allow it. |
### CreateUsersRequest
@@ -242,7 +232,6 @@
| ----- | ---- | ----------- |
| organization | [ string](#string) | Pick the organization to use (/impersonate). If unset, your default organization is used. |
| users | [repeated CreateUserRequest](#createuserrequest) | Users to create. Allows for individual impersonation and mail settings. |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Permissions the new users should get. Can be replaced for specific settings in the CreateUserRequest. DEPRECATED in favor of roles. |
| roles | [ hiber.Filter.Roles](#hiberfilterroles) | Roles the new users should get. Can be replaced for specific settings in the CreateUserRequest. |
| send_verification_mail | [ bool](#bool) | Send an automated email prompting the users to verify their email addresses. If true, applies to all users. |
| send_password_reset_mail | [ bool](#bool) | Send an automated email prompting the users to set their password. If true, applies to all users. |
@@ -272,9 +261,8 @@ Accept an invitation to an organization.
| organization | [ string](#string) | Pick the organization to use (/impersonate). If unset, your default organization is used. |
| email | [ string](#string) | The email address of the user you want to invite. |
| retry | [ bool](#bool) | Invite the user again, even if there is an open invite. This can be done a limited amount of times. |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Permissions the new user should get. DEPRECATED in favor of roles. |
| roles | [ hiber.Filter.Roles](#hiberfilterroles) | Roles the new user should get. |
-| override_allow_no_permissions | [ bool](#bool) | By default, the server returns an error when you don't specify any permissions or roles. Set this to true to allow it. |
+| override_allow_no_roles | [ bool](#bool) | By default, the server returns an error when you don't specify any roles. Set this to true to allow it. |
### InviteUserRequest.Response
@@ -386,22 +374,6 @@ List all invited users (email addresses).
-### UpdateUserPermissionsRequest
-
-DEPRECATED in favor of roles.
-
-| Field | Type | Description |
-| ----- | ---- | ----------- |
-| organization | [ string](#string) | Pick the organization to use (/impersonate). If unset, your default organization is used. |
-| user_ids | [repeated string](#string) | none |
-| new_permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | The previous permissions are replaced! |
-| override_allow_no_permissions | [ bool](#bool) | By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. |
-
-### UpdateUserPermissionsRequest.Response
-
-
-
-
### UpdateUserRoles
@@ -417,7 +389,7 @@ DEPRECATED in favor of roles.
| user_ids | [repeated string](#string) | none |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) **update**.modify | [ UpdateUserRoles.Request.ModifyRoles](#updateuserrolesrequestmodifyroles) | none |
| [**oneof**](https://developers.google.com/protocol-buffers/docs/proto3#oneof) **update**.replace | [ UpdateUserRoles.Request.ReplaceRoles](#updateuserrolesrequestreplaceroles) | none |
-| override_allow_no_permissions | [ bool](#bool) | By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. |
+| override_allow_no_roles | [ bool](#bool) | By default, the server returns an error when you don't specify any roles. Set this to true to allow it. |
### UpdateUserRoles.Request.ModifyRoles
@@ -459,8 +431,9 @@ Completely replace the roles the users have.
| id | [ string](#string) | none |
| email | [ string](#string) | none |
| name | [ string](#string) | none |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | none |
-| roles | [repeated string](#string) | none |
+| roles | [repeated string](#string) | Roles for the current organization. |
+| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Permissions for the current organization. |
+| support_permissions | [ hiber.Filter.SupportPermissions](#hiberfiltersupportpermissions) | Permissions for customer support. Used for features typically reserved for customer support, or that behave differently when used by a customer support operator. |
### UserActivitySummaryRequest
@@ -503,8 +476,9 @@ Completely replace the roles the users have.
| by_email | [ string](#string) | none |
| by_name | [ string](#string) | none |
| search | [ string](#string) | none |
-| roles | [ hiber.Filter.Roles](#hiberfilterroles) | none |
-| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | none |
+| roles | [ hiber.Filter.Roles](#hiberfilterroles) | Select users by roles for the current organization. |
+| permissions | [ hiber.Filter.OrganizationPermissions](#hiberfilterorganizationpermissions) | Select users by permissions for the current organization. |
+| support_permissions | [ hiber.Filter.SupportPermissions](#hiberfiltersupportpermissions) | Select users by permissions for customer support. |
### UserValidation
diff --git a/permission.proto b/permission.proto
index 38ddb65..9420de3 100644
--- a/permission.proto
+++ b/permission.proto
@@ -127,5 +127,18 @@ enum SupportPermission {
/* Create and assign custom tags. */
CUSTOM_TAGS = 3;
+ /* Manage Shell SSIP integration. */
INTEGRATION_SHELL_SSIP = 4;
+
+ /* Manage device transmission interval (actual interval). */
+ MANAGE_DEVICE_TRANSMISSION_INTERVAL = 5;
+
+ /* Manage device SLA values (minimum messages per day). */
+ MANAGE_DEVICE_SLA = 6;
+
+ /* View all lifecycles. Without this permission, you can only see INSTALLED and PAUSED. */
+ DEVICE_VIEW_ALL_LIFECYCLES = 7;
+
+ /* Assign device notes. */
+ MANAGE_DEVICE_NOTES = 8;
}
diff --git a/token.proto b/token.proto
index 12790b6..ccd0e5d 100644
--- a/token.proto
+++ b/token.proto
@@ -33,6 +33,7 @@ message Token {
int64 id = 1;
string name = 2;
string user_id = 3;
+ UserDetails user_details = 11;
string organization = 4;
reserved 5;
Timestamp expires_at = 6;
@@ -40,6 +41,12 @@ message Token {
repeated OrganizationPermission organization_permissions = 8;
repeated string roles = 9;
Type type = 10;
+
+ message UserDetails {
+ string id = 1;
+ string email = 2;
+ string name = 3;
+ }
}
message TokenSelection {
@@ -87,7 +94,7 @@ message CreateTokenRequest {
*/
optional string for_user_id = 10;
- reserved 3,7;
+ reserved 3, 7;
}
message DeleteTokenRequest {
diff --git a/user.proto b/user.proto
index d11f910..af19824 100644
--- a/user.proto
+++ b/user.proto
@@ -23,9 +23,6 @@ service UserService {
rpc ResetPassword (ResetUserPasswordRequest) returns (ResetUserPasswordRequest.Response);
rpc UpdateUserRoles (UpdateUserRoles.Request) returns (UpdateUserRoles.Response);
- rpc UpdateUserPermissions (UpdateUserPermissionsRequest) returns (UpdateUserPermissionsRequest.Response) {
- option deprecated = true;
- };
rpc GetUserValidation (GetUserValidationRequest) returns (UserValidation);
rpc UpdateUserValidation (UpdateUserValidationRequest) returns (UserValidation);
@@ -38,8 +35,18 @@ message User {
string id = 1;
string email = 2;
string name = 3;
- Filter.OrganizationPermissions permissions = 4;
+
+ /* Roles for the current organization. */
repeated string roles = 5;
+
+ /* Permissions for the current organization. */
+ Filter.OrganizationPermissions permissions = 4;
+
+ /* Permissions for customer support.
+ * Used for features typically reserved for customer support, or that behave differently
+ * when used by a customer support operator.
+ */
+ Filter.SupportPermissions support_permissions = 6;
}
message UserSelection {
@@ -47,8 +54,15 @@ message UserSelection {
string by_email = 1;
string by_name = 2;
string search = 4;
+
+ /* Select users by roles for the current organization. */
Filter.Roles roles = 5;
+
+ /* Select users by permissions for the current organization. */
Filter.OrganizationPermissions permissions = 6;
+
+ /* Select users by permissions for customer support. */
+ Filter.SupportPermissions support_permissions = 7;
}
enum UserSort {
@@ -98,16 +112,15 @@ message ApproveUserRequest {
string organization = 1;
repeated string user_ids = 2;
- /* Permissions the new user should get. DEPRECATED in favor of roles. */
- Filter.OrganizationPermissions permissions = 3 [deprecated = true];
-
/* Roles the new user should get. */
Filter.Roles roles = 5;
- /* By default, the server returns an error when you don't specify any permissions or roles.
+ /* By default, the server returns an error when you don't specify any roles.
* Set this to true to allow it.
*/
- bool override_allow_no_permissions = 4;
+ bool override_allow_no_roles = 4;
+
+ reserved 3;
}
message RemoveUserRequest {
@@ -152,16 +165,15 @@ message InviteUserRequest {
/* Invite the user again, even if there is an open invite. This can be done a limited amount of times. */
bool retry = 3;
- /* Permissions the new user should get. DEPRECATED in favor of roles. */
- Filter.OrganizationPermissions permissions = 4 [deprecated = true];
-
/* Roles the new user should get. */
Filter.Roles roles = 6;
- /* By default, the server returns an error when you don't specify any permissions or roles.
+ /* By default, the server returns an error when you don't specify any roles.
* Set this to true to allow it.
*/
- bool override_allow_no_permissions = 5;
+ bool override_allow_no_roles = 5;
+
+ reserved 4;
}
message CreateUserRequest {
@@ -173,9 +185,6 @@ message CreateUserRequest {
/* Optional. If no password is given, the account can only be accessed using a password reset. */
string password = 4;
- /* Permissions the new user should get. DEPRECATED in favor of roles. */
- Filter.OrganizationPermissions permissions = 5 [deprecated = true];
-
/* Roles the new user should get. */
Filter.Roles roles = 10;
@@ -186,13 +195,15 @@ message CreateUserRequest {
bool send_password_reset_mail = 7;
/* When the user cannot be created, (i.e. they already exist because they are in a different organization)
- * we can send an invite instead, effectively calling InviteUserRequest with the email and permissions.
+ * we can send an invite instead, effectively calling InviteUserRequest with the email and roles.
* Set this to true to allow this behaviour.
*/
bool allow_invite_instead = 8;
- /* By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. */
- bool override_allow_no_permissions = 9;
+ /* By default, the server returns an error when you don't specify any roles. Set this to true to allow it. */
+ bool override_allow_no_roles = 9;
+
+ reserved 5;
}
message CreateUsersRequest {
@@ -206,12 +217,6 @@ message CreateUsersRequest {
/* Users to create. Allows for individual impersonation and mail settings. */
repeated CreateUserRequest users = 2;
- /* Permissions the new users should get.
- * Can be replaced for specific settings in the CreateUserRequest.
- * DEPRECATED in favor of roles.
- */
- Filter.OrganizationPermissions permissions = 3 [deprecated = true];
-
/* Roles the new users should get. Can be replaced for specific settings in the CreateUserRequest. */
Filter.Roles roles = 6;
@@ -231,23 +236,6 @@ message ResetUserPasswordRequest {
string user_id = 2;
}
-/* DEPRECATED in favor of roles. */
-message UpdateUserPermissionsRequest {
- option deprecated = true;
- message Response {
- }
-
- /* Pick the organization to use (/impersonate). If unset, your default organization is used. */
- string organization = 1;
- repeated string user_ids = 2;
-
- /* The previous permissions are replaced! */
- Filter.OrganizationPermissions new_permissions = 3 [deprecated = true];
-
- /* By default, the server returns an error when you don't specify any permissions. Set this to true to allow it. */
- bool override_allow_no_permissions = 4;
-}
-
message UpdateUserRoles {
message Request {
/* Pick the organization to use (/impersonate). If unset, your default organization is used. */
@@ -273,10 +261,10 @@ message UpdateUserRoles {
ReplaceRoles replace = 4;
}
- /* By default, the server returns an error when you don't specify any permissions.
+ /* By default, the server returns an error when you don't specify any roles.
* Set this to true to allow it.
*/
- bool override_allow_no_permissions = 5;
+ bool override_allow_no_roles = 5;
}
message Response {
}