github.com/cozy/cozy-stack@v0.0.0-20240603063001-31110fa4cae1/docs/admin.md (about) 1 [Table of contents](README.md#table-of-contents) 2 3 # Admin 4 5 ## Introduction 6 7 An admin API is available on the stack. It offers several endpoints to interact 8 with your cozy-stack installation (E.g. interacting with instances, generating tokens, ...). 9 10 :warning: Use the admin API only if you know what you are doing. The admin API 11 provides a basic authentication, you **must** protect these endpoints as they 12 are very powerful. 13 14 The default port for the admin endpoints is `6060`. If you want to customize the parameters, please see the [config file documentation page](config.md). 15 16 17 ## Instance 18 19 ### GET /instances 20 21 Returns the list of all instances. By default, there is no pagination, but it 22 is possible to add a `page[limit]` parameter in the query-string to paginate ( 23 cf [JSON-API pagination](./http-api.md#pagination)). A `page[skip]` parameter in 24 the query-string is also supported, but CouchDB may be slow on requests with a 25 skip on large collections. 26 27 #### Request 28 29 ```http 30 GET /instances HTTP/1.1 31 ``` 32 33 #### Response 34 35 ```http 36 HTTP/1.1 200 OK 37 Content-Type: application/vnd.api+json 38 ``` 39 40 ```json 41 { 42 "data": [ 43 { 44 "type": "instances", 45 "id": "3af6ed68a6d9146b3529d2584a001d98", 46 "attributes": { 47 "domain": "alice.cozy.localhost:8080", 48 "prefix": "cozy7d3d5947e7f3b0c674d1b8644646348e", 49 "locale": "fr", 50 "context": "dev", 51 "onboarding_finished": true, 52 "indexes_version": 30 53 }, 54 "meta": { 55 "rev": "1-32c855c989e8f6def0bc0cc417d8b3b4" 56 }, 57 "links": { 58 "self": "/instances/3af6ed68a6d9146b3529d2584a001d98" 59 } 60 }, 61 { 62 "type": "instances", 63 "id": "3af6ed68a6d9146b3529d2584a01d557", 64 "attributes": { 65 "domain": "bob.cozy.localhost:8080", 66 "prefix": "cozybf682065ca3c7d64f2dafc6cc12fe702", 67 "locale": "fr", 68 "context": "dev", 69 "onboarding_finished": true, 70 "indexes_version": 30 71 }, 72 "meta": { 73 "rev": "1-ab6f77dbfdb3aab5b70b022e37fe231f" 74 }, 75 "links": { 76 "self": "/instances/3af6ed68a6d9146b3529d2584a01d557" 77 } 78 } 79 ], 80 "meta": { 81 "count": 2 82 } 83 } 84 ``` 85 86 ### GET /instances/count 87 88 Returns the count of all instances. 89 90 #### Request 91 92 ```http 93 GET /instances/count HTTP/1.1 94 ``` 95 96 #### Response 97 98 ```http 99 HTTP/1.1 200 OK 100 Content-Type: application/json 101 ``` 102 103 ```json 104 {"count":259} 105 ``` 106 107 ### GET /instances/:domain/last-activity 108 109 It returns an approximate date of when the instance was last used by their 110 owner (automatic jobs like connectors don't count). It looks at the sessions 111 and OAuth tokens. 112 113 #### Request 114 115 ```http 116 GET /instances/john.mycozy.cloud/last-activity HTTP/1.1 117 ``` 118 119 #### Response 120 121 ```http 122 HTTP/1.1 200 OK 123 Content-Type: application/json 124 ``` 125 126 ```json 127 { 128 "last-activity": "2022-12-31" 129 } 130 ``` 131 132 ### PATCH /instances/:domain 133 134 This route can be used to change an instance (email, locale, disk quota, ToS, 135 etc.) 136 137 **Note** a special parameter `FromCloudery=true` in the query string can be 138 used to tell the stack to not call the cloudery if the email or public name has 139 changed, since the change is already coming from the cloudery. 140 141 #### Request 142 143 ```http 144 PATCH /instances/john.mycozy.cloud?Email=john@example.com&FromCloudery=true HTTP/1.1 145 ``` 146 147 #### Response 148 149 ```http 150 HTTP/1.1 200 OK 151 ``` 152 153 ```json 154 { 155 "data": { 156 "type": "instances", 157 "id": "0dc76ad9b1cf3a979b916b3155001830", 158 "attributes": { 159 "domain": "john.mycozy.cloud", 160 "prefix": "cozy1a4e1aabf424a194d7daf946d7b1337d", 161 "locale": "fr", 162 "context": "cozy", 163 "onboarding_finished": true, 164 "indexes_version": 31, 165 "passphrase_hash": "c2NyeXB0JDMyNzY4JDgkMSQyYjMzMTU1YTY5OTdjYzM2ZjQyYjk1MWM0MWU4ZWVkYSRlODA4NTY2ODQ5OTdkOWNmNzc1ZGEzMjdlYWMwOTgyNTMwMTM3NTJjYTMxMTdhYTIyYTIxODI0NzBmODhjYjdl", 166 "session_secret": "eyG2l+G1xO38WyD1GfqYkgSU/T4rnti+JzOwj6haHpM8PSMvzkGu/CSH0mpXUuuCNVbjEXc+hRwGMJ8lTKqs+w==", 167 "oauth_secret": "tnr6V8jDK27CDVpzNiOOAJZs+5wrvGyNyJxIc/BJ6O87i2eJX4LCzblDFyDbVv/B7qV7HA9/Fc+Agon2gHQg8x0E0zzfGizbFeWt+KPk7UrZNd4sZJ81oWNNd9BrJ2+eKXDmZeYBI0AwUSykyr7iOIpB5jXaIvfOQvH7EYwtKLg=", 168 "cli_secret": "dcLa1VqcoI4eNE7nBrFzhJ9w6rRLlAMESl3PAEqr+IDE29OeN3uyhzLhxPlk0b9rkc0yvozQc/AFttZxyqH/DDYa6rrJyrf91gddtwSfka1pJVss+/DiFaghyWJzEbffBs78X3swA2gSJNu0eGDKdFVY7q8iLT4JpfXy+GPzdLk=" 169 }, 170 "meta": { 171 "rev": "1-1c4efe4196191469a65b2a3e0898db61" 172 }, 173 "links": { 174 "self": "/instances/0dc76ad9b1cf3a979b916b3155001830" 175 } 176 } 177 } 178 ``` 179 180 181 ### GET /instances/with-app-version/:slug/:version 182 183 Returns all the instances using slug/version pair 184 185 #### Request 186 187 ```http 188 GET /instances/with-app-version/drive/1.0.0 HTTP/1.1 189 ``` 190 191 #### Response 192 193 ```http 194 HTTP/1.1 200 OK 195 Content-Type: application/json 196 ``` 197 198 ```json 199 { 200 "instances": [ 201 "alice.cozy.localhost", 202 "bob.cozy.localhost", 203 "zoe.cozy.localhost" 204 ] 205 } 206 ``` 207 208 ### POST /instances/:domain/magic_link 209 210 Creates a code that can be used in a magic link (if this feature is enabled on 211 the Cozy). 212 213 #### Request 214 215 ```http 216 POST /instances/alice.cozy.localhost/magic_link HTTP/1.1 217 ``` 218 219 #### Response 220 221 ```http 222 HTTP/1.1 200 OK 223 Content-Type: application/json 224 ``` 225 226 ```json 227 { 228 "code": "YmU5NmEzMzAtYjZiYy0wMTNiLTE1YzUtMThjMDRkYWJhMzI2" 229 } 230 ``` 231 232 ### POST /instances/:domain/session_code 233 234 Creates a session_code that can be used to login on the given instance. 235 236 #### Request 237 238 ```http 239 POST /instances/alice.cozy.localhost/session_code HTTP/1.1 240 ``` 241 242 #### Response 243 244 ```http 245 HTTP/1.1 200 OK 246 Content-Type: application/json 247 ``` 248 249 ```json 250 { 251 "session_code": "L7oJ6BDQtdbLR5Vr5vTxTXLJ1pQzMXcD" 252 } 253 ``` 254 255 ### POST /instances/:domain/session_code/check 256 257 Checks that a session_code is valid for the given instance. Note that the 258 session_code will be invalidated after that. 259 260 #### Request 261 262 ```http 263 POST /instances/alice.cozy.localhost/session_code/check HTTP/1.1 264 Content-Type: application/json 265 ``` 266 267 ```json 268 { 269 "session_code": "L7oJ6BDQtdbLR5Vr5vTxTXLJ1pQzMXcD" 270 } 271 ``` 272 273 #### Response 274 275 ```http 276 HTTP/1.1 200 OK 277 Content-Type: application/json 278 ``` 279 280 ```json 281 { 282 "valid": true 283 } 284 ``` 285 286 ### POST /instances/:domain/email_verified_code 287 288 Creates an email_verified_code that can be used on the given instance to avoid 289 the 2FA by email. 290 291 #### Request 292 293 ```http 294 POST /instances/alice.cozy.localhost/email_verified_code HTTP/1.1 295 ``` 296 297 #### Response 298 299 ```http 300 HTTP/1.1 200 OK 301 Content-Type: application/json 302 ``` 303 304 ```json 305 { 306 "email_verified_code": "jBPF5Kvpv1oztdaSgdA2315hVpAf6BCd" 307 } 308 ``` 309 310 Note: if the two factor authentication by email is not enabled on this 311 instance, it will return a 400 Bad Request error. 312 313 ### DELETE /instances/:domain/sessions 314 315 Delete the databases for io.cozy.sessions and io.cozy.sessions.logins. 316 317 #### Request 318 319 ```http 320 DELETE /instances/alice.cozy.localhost/sessions HTTP/1.1 321 ``` 322 323 #### Response 324 325 ```http 326 HTTP/1.1 204 No Content 327 ``` 328 329 ### POST /instances/:domain/fixers/content-mismatch 330 331 Fixes the 64k (or multiple) content mismatch files of an instance 332 333 #### Request 334 335 ```http 336 POST /instances/alice.cozy.localhost/fixers/content-mismatch HTTP/1.1 337 Content-Type: application/json 338 ``` 339 340 ```json 341 { 342 "dry_run": true 343 } 344 ``` 345 346 The `dry_run` (default to `true`) body parameter tells if the request is a 347 dry-run or not. 348 349 #### Response 350 351 ```http 352 HTTP/1.1 200 OK 353 Content-Type: application/json 354 ``` 355 356 ```json 357 { 358 "dry_run": true, 359 "updated": [ 360 { 361 "filepath": "/file64.txt", 362 "id": "3c79846513e81aee78ab30849d006550", 363 "created_at": "2019-07-30 15:05:27.268876334 +0200 CEST", 364 "updated_at": "2019-07-30 15:05:27.268876334 +0200 CEST" 365 } 366 ], 367 "removed": [ 368 { 369 "filepath": "/.cozy_trash/file64.txt-corrupted", 370 "id": "3c79846513e81aee78ab30849d001f98", 371 "created_at": "2019-07-30 10:18:28.826400117 +0200 CEST", 372 "updated_at": "2019-07-30 14:32:29.862882247 +0200 CEST" 373 } 374 ], 375 "domain": "alice.cozy.localhost" 376 } 377 ``` 378 379 ### POST /instances/:domain/fixers/password-defined 380 381 Fill the `password_defined` field of the io.cozy.settings.instance if it was 382 missing. 383 384 #### Request 385 386 ```http 387 POST /instances/alice.cozy.localhost/fixers/password-defined HTTP/1.1 388 ``` 389 390 ### POST /instances/:domain/fixers/orphan-account 391 392 Delete the accounts which are not linked to a konnector 393 394 #### Request 395 396 ```http 397 POST /instances/alice.cozy.localhost/fixers/orphan-account HTTP/1.1 398 ``` 399 400 ### POST /instances/:domain/export 401 402 Starts an export for the given instance. The CouchDB documents will be saved in 403 an intermediary archive while the files won't be added until the data is 404 actually downloaded. 405 406 The response contains the details of the scheduled export job. 407 408 #### Query-String 409 410 | Parameter | Description | 411 | --------- | ------------------------------------------------------------------------------------------- | 412 | admin-req | Boolean indicating when the request is made by an admin and the user should not be notified | 413 414 The admin-req parameter is optional: by default, the instance's owner will be 415 notified via e-mail, whether the export is successful or not. If it's 416 successful, the e-mail will contain a link to the Settings app allowing the user 417 to download the data archives. 418 When this parameter is `true`, no e-mails will be sent and the admin will be 419 able to get the export document via realtime events. 420 421 #### Request 422 423 ```http 424 POST /instances/alice.cozy.localhost/export?admin-req=true HTTP/1.1 425 ``` 426 427 #### Response 428 429 ```http 430 HTTP/1.1 204 Accepted 431 Content-Type: application/json 432 ``` 433 434 ```json 435 { 436 "_id": "123123", 437 "_rev": "1-58d2b368da0a1b336bcd18ced210a8a1", 438 "domain": "alice.cozy.localhost", 439 "prefix": "cozyfdd8fd8eb825ad98821b11871abf58c9", 440 "worker": "export", 441 "message": { 442 "parts_size": 0, 443 "max_age": 0, 444 "contextual_domain": "alice.cozy.localhost", 445 "admin_req": true 446 }, 447 "event": null, 448 "state": "queued", 449 "queued_at": "2023-02-01T11:50:59.286530525+01:00", 450 "started_at": "0001-01-01T00:00:00Z", 451 "finished_at": "0001-01-01T00:00:00Z" 452 } 453 ``` 454 455 ### GET /instances/:domain/exports/:export-id/data 456 457 This endpoint will return an archive containing the metadata and files of the 458 user, as part of a multi-part response. 459 460 Only the first part of the archive contains the metadata. 461 462 #### Query-String 463 464 | Parameter | Description | 465 | --------- | ------------------------------------------------------------------- | 466 | cursor | String reprentation of the export cursor to start the download from | 467 468 The cursor parameter is optional but any given cursor should be one of the 469 defined `parts_cursors` in the export document. 470 To get all the parts, this endpoint must be called one time with no cursors, and 471 one time for each cursor in `parts_cursors`. 472 473 #### Request 474 475 ```http 476 GET /instances/alice.cozy.localhost/exports/123123/data?cursor=io.cozy.files%2Fa27b3bae83160774a74525de670d5d8e HTTP/1.1 477 ``` 478 479 #### Response 480 481 ```http 482 HTTP/1.1 200 OK 483 Content-Type: application/zip 484 Content-Disposition: attachment; filename="alice.cozy.localhost - part001.zip" 485 ``` 486 487 ### POST /instances/:domain/notifications 488 489 This endpoint allows to send a notification via the notification center. Both 490 the notification declaration and its properties need to be passed in the body. 491 These notifications cannot use templates defined in cozy-stack though so their 492 e-mail content must be provided directly (at least in HTML). 493 494 When the request is successful, the generated notification object is returned. 495 496 ```http 497 POST /instances/alice.cozy.localhost/notifications HTTP/1.1 498 Authorization: Bearer ... 499 Content-Type: application/json 500 ``` 501 502 ```json 503 { 504 "notification": { 505 "category": "account-balance", 506 "category_id": "my-bank", 507 "title": "Your account balance is not OK", 508 "message": "Warning: we have detected a negative balance in your my-bank", 509 "priority": "high", 510 "state": "-1", 511 "preferred_channels": ["mobile"], 512 "content": "Hello,\r\nWe have detected a negative balance in your my-bank account.", 513 "content_html": "<html>\r\n\t<body>\r\n\t<p>Hello,<br/>We have detected a negative balance in your my-bank account.</p>\r\n\t</body>\r\n\t</html>" 514 }, 515 "properties": { 516 "description": "Alert the user when its account balance is negative", 517 "collapsible": true, 518 "multiple": true, 519 "stateful": true, 520 "default_priority": "high" 521 } 522 } 523 ``` 524 525 #### Response 526 527 ```http 528 HTTP/1.1 201 Created 529 Content-Type: application/json 530 ``` 531 532 ```json 533 { 534 "_id": "c57a548c-7602-11e7-933b-6f27603d27da", 535 "_rev": "1-1f2903f9a867", 536 "source_id": "cozy/cli//account-balance/my-bank", 537 "originator": "cli", 538 "category": "account-balance", 539 "category_id": "my-bank", 540 "created_at": "2024-01-04T15:23:01.832Z", 541 "last_sent": "2024-01-04T15:23:01.832Z", 542 "title": "Your account balance is not OK", 543 "message": "Warning: we have detected a negative balance in your my-bank", 544 "priority": "high", 545 "state": "-1", 546 "content": "Hello,\r\nWe have detected a negative balance in your my-bank account.", 547 "contentHTML": "<html>\r\n\t<body>\r\n\t<p>Hello,<br/>We have detected a negative balance in your my-bank account.</p>\r\n\t</body>\r\n\t</html>" 548 } 549 ``` 550 551 ## Contexts 552 553 ### GET /instances/contexts 554 555 This endpoint returns the list of the contexts, with their name, config, 556 registries, office server, cloudery endpoints, and OIDC data. 557 558 #### Request 559 560 ``` 561 GET /instances/contexts HTTP/1.1 562 ``` 563 564 #### Response 565 566 ```http 567 HTTP/1.1 200 OK 568 ``` 569 570 ```json 571 [ 572 { 573 "config": { 574 "claudy_actions": [ 575 "desktop", 576 "mobile", 577 "support" 578 ], 579 "debug": true, 580 "features": [ 581 { 582 "foo": "bar" 583 }, 584 { 585 "baz": [ 586 "qux", 587 "quux" 588 ] 589 } 590 ], 591 "help_link": "https://forum.cozy.io/", 592 "noreply_address": "noreply@cozy.beta", 593 "noreply_name": "My Cozy Beta", 594 "sharing_domain": "cozy.localhost" 595 }, 596 "context": "dev", 597 "registries": [ 598 "https://apps-registry.cozycloud.cc/" 599 ], 600 "office": { 601 "OnlyOfficeURL": "https://documentserver.cozycloud.cc/" 602 }, 603 "cloudery_endpoint": "", 604 "oidc": { 605 "allow_oauth_token": false, 606 "authorize_url": "https://identity-prodiver/path/to/authorize", 607 "client_id": "aClientID", 608 "id_token_jwk_url": "https://identity-prodiver/path/to/jwk", 609 "login_domain": "login.mycozy.cloud", 610 "redirect_uri": "https://oauthcallback.mycozy.cloud/oidc/redirect", 611 "scope": "openid profile", 612 "token_url": "https://identity-prodiver/path/to/token", 613 "userinfo_instance_field": "cozy_number", 614 "userinfo_instance_prefix": "name", 615 "userinfo_instance_suffix": ".mycozy.cloud", 616 "userinfo_url": "https://identity-prodiver/path/to/userinfo" 617 } 618 } 619 ] 620 ``` 621 622 ### GET /instances/contexts/:name 623 624 This endpoint returns the config of a given context. 625 626 #### Request 627 628 ``` 629 GET /instances/contexts/dev HTTP/1.1 630 ``` 631 632 #### Response 633 634 ```http 635 HTTP/1.1 200 OK 636 ``` 637 638 ```json 639 { 640 "config": { 641 "claudy_actions": [ 642 "desktop", 643 "mobile", 644 "support" 645 ], 646 "debug": true, 647 "features": [ 648 { 649 "foo": "bar" 650 }, 651 { 652 "baz": [ 653 "qux", 654 "quux" 655 ] 656 } 657 ], 658 "help_link": "https://forum.cozy.io/", 659 "noreply_address": "noreply@cozy.beta", 660 "noreply_name": "My Cozy Beta", 661 "sharing_domain": "cozy.localhost" 662 }, 663 "context": "dev", 664 "registries": [ 665 "https://apps-registry.cozycloud.cc/" 666 ], 667 "office": { 668 "OnlyOfficeURL": "https://documentserver.cozycloud.cc/", 669 "InboxSecret": "inbox_secret", 670 "OutboxSecret": "outbox_secret" 671 }, 672 "cloudery_endpoint": "" 673 } 674 ``` 675 676 677 ## Checkers 678 679 ### GET /instances/:domain/fsck 680 681 This endpoint can be use to check the VFS of a given instance. It accepts three 682 possible parameters in the query-string: 683 684 - `IndexIntegrity=true` to check only the integrity of the data in CouchDB 685 - `FilesConsistency` to check the consistency between CouchDB and Swift 686 - `FailFast` to abort on the first error. 687 688 It will returns a `200 OK`, except if the instance is not found where the code 689 will be `404 Not Found` (a `5xx` can also happen in case of server errors like 690 CouchDB not available). The format of the response will be one JSON per line, 691 and each JSON represents an error. 692 693 #### Request 694 695 ```http 696 GET /instances/alice.cozy.localhost/fsck HTTP/1.1 697 ``` 698 699 #### Response 700 701 ```http 702 HTTP/1.1 200 OK 703 ``` 704 705 ```json 706 {"type":"index_orphan_tree","dir_doc":{"type":"directory","_id":"34a61c6ceb38075fe971cc6a3263659f","_rev":"2-94ca3acfebf927cb231d125c57f85bd7","name":"Photos","dir_id":"45496c5c442dabecae87de3d73008ec4","created_at":"2020-12-15T18:23:21.498323965+01:00","updated_at":"2020-12-15T18:23:21.498323965+01:00","tags":[],"path":"/Photos","cozyMetadata":{"doctypeVersion":"1","metadataVersion":1,"createdAt":"2020-12-15T18:23:21.498327603+01:00","updatedAt":"2020-12-15T18:23:21.498327603+01:00","createdOn":"http://alice.cozy.localhost:8080/"},"size":"0","is_dir":true,"is_orphan":true,"has_cycle":false},"is_file":false,"is_version":false} 707 {"type":"index_missing","file_doc":{"type":"file","name":"Photos","dir_id":"","created_at":"2020-12-15T18:23:21.527308795+01:00","updated_at":"2020-12-15T18:23:21.527308795+01:00","tags":null,"path":"/Photos","size":"4096","mime":"application/octet-stream","class":"files","executable":true,"is_dir":false,"is_orphan":false,"has_cycle":false},"is_file":true,"is_version":false} 708 ``` 709 710 ### POST /instances/:domain/checks/triggers 711 712 This endpoint will check if no trigger has been installed twice (or more). 713 714 #### Request 715 716 ```http 717 POST /instances/alice.cozy.localhost/checks/triggers HTTP/1.1 718 ``` 719 720 #### Response 721 722 ```http 723 HTTP/1.1 200 OK 724 Content-Type: application/json 725 ``` 726 727 ```json 728 [ 729 { 730 "_id": "45496c5c442dabecae87de3d7300666f", 731 "arguments": "io.cozy.files:CREATED,UPDATED,DELETED:image:class", 732 "debounce": "", 733 "other_id": "34a61c6ceb38075fe971cc6a3263895f", 734 "trigger": "@event", 735 "type": "duplicate", 736 "worker": "thumbnail" 737 } 738 ] 739 ``` 740 741 ### POST /instances/:domain/checks/shared 742 743 This endpoint will check that the io.cozy.shared documents have a correct 744 revision tree (no generation smaller for a children than its parent). 745 746 #### Request 747 748 ```http 749 POST /instances/alice.cozy.localhost/checks/shared HTTP/1.1 750 ``` 751 752 #### Response 753 754 ```http 755 HTTP/1.1 200 OK 756 Content-Type: application/json 757 ``` 758 759 ```json 760 [ 761 {"_id":"io.cozy.files/fd1706de234d17d1ac2fe560051a2aae","child_rev":"1-e19947b4f9bfb273bc8958ae932ae4c7","parent_rev":"2-4f82af35577dbc9b686dd447719e4835","type":"invalid_revs_suite"}, 762 {"_id":"io.cozy.files/fd9bef5df406f5b150f302b8c5b3f5f0","child_rev":"7-05bb459e0ac5450c17df79ed1f13afa1","parent_rev":"8-07b4cafef3c2e74e698ee4a04d1874c2","type":"invalid_revs_suite"} 763 ] 764 ``` 765 766 ### POST /instances/:domain/checks/sharings 767 768 This endpoint can be used to check the setup of sharings owned by a given 769 instance and the consistency of the shared files and folders with their 770 counterparts on the Cozy they're shared with. It accepts one parameter in the 771 query-string: 772 773 - `Fast` to skip the files and folders consistency check as it can be quite long 774 775 It will return a `200 OK`, except if the instance is not found where the code 776 will be `404 Not Found` (a `5xx` can also happen in case of server errors like 777 CouchDB not available). The format of the response will be a JSON array of 778 objects, each object representing an error. 779 780 781 #### Possible error types 782 783 ##### invalid_rules 784 785 This will be raised when the owner's sharing rules are invalid. 786 The validation result will be returned in the `error` attribute. 787 788 ##### sharing_in_sharing 789 790 This will be raised when the root of the sharing being checked is part of 791 another sharing (i.e. one of its parent folders is shared). The parent 792 sharing can be found either on the owner's instance or on one of its members' 793 instance. 794 The `parent_sharing` attribute will contain the parent sharing ID. 795 796 ##### missing_matching_docs_for_owner 797 798 This will be raised if the shared files and folders associated with the sharing 799 could not be fetched on the owner's instance. 800 The request error will be returned in the `error` attribute. 801 No further consistency checks will be run on this sharing. 802 803 ##### missing_sharing_for_member 804 805 This will be raised when the associated `io.cozy.sharing` document cannot be 806 found on a sharing member's instance. 807 The request error will be returned in the `error` attribute. 808 No further consistency checks will be run for this member. 809 810 ##### missing_files_rule_for_member 811 812 This will be raised if a member's sharing doesn't have any sharing rule for 813 `io.cozy.files` documents (while the owner's sharing has been determined to be 814 of this type). 815 The member's domain will be available in the `member` attribute. 816 No further consistency checks will be run for this member. 817 818 ##### missing_matching_docs_for_member 819 820 This will be raised if the shared files and folders associated with the sharing 821 could not be fetched on a member's instance. 822 The request error will be returned in the `error` attribute and the member's 823 domain in the `member` attribute. No further consistency checks will be run for 824 this member. 825 826 ##### disk_quota_exceeded 827 828 This will be raised if a file is outdated or missing on an instance and its size 829 is larger than the available space on this instance. If the file was created or 830 modified in the last 5 minutes, the check is skipped as we expect the 831 synchronization to happen later. 832 The instance's domain will be available in the `instance` attribute. 833 834 ##### read_only_member 835 836 This will be raised if a file or folder is outdated or missing on the owner's 837 instance and the member being checked has only read-only access to the sharing. 838 This is not really an error as this behavior is expected but since it can be 839 confusing for users we log it for debugging purposes. 840 The member's domain will be available in the `member` attribute. 841 842 ##### invalid_doc_rev 843 844 This will be raised if a file or folder's revisions don't match on the owner's 845 and member's instances while the member has write access to the sharing and the 846 file size is not greater than the outdated instance's available disk space. The 847 revisions generations can be the same too. If the document was modified in the 848 last 5 minutes, the check is skipped as we expect the synchronization to happen 849 later. 850 The member's domain will be available in the `member` attribute, as well as the 851 revision of the member document in `memberRev` and the complete owner document 852 in `ownerDoc`. 853 854 ##### invalid_doc_name 855 856 This will be raised if a file or folder's revisions match on the owner's and 857 member's instances but their names don't. 858 The member's domain will be available in the `member` attribute, as well as the 859 name of the member document in `memberName` and the complete owner document 860 in `ownerDoc`. 861 862 ##### invalid_doc_checksum 863 864 This will be raised if a file's revisions match on the owner's and member's 865 instances but their checksums don't. 866 The member's domain will be available in the `member` attribute, as well as the 867 checksum of the member file in `memberChecksum` and the complete owner document 868 in `ownerDoc`. 869 870 ##### invalid_doc_parent 871 872 This will be raised if a file or folder's parent directories don't match on the 873 owner's and member's instances but their names don't. Since it is expected for 874 the sharing root to not have different parents on each instance, the check does 875 not apply to this document. 876 The member's domain will be available in the `member` attribute, as well as the 877 id of the member's parent directory in `memberParent` and the complete owner 878 document in `ownerDoc`. 879 880 ##### missing_matching_doc_for_owner 881 882 This will be raised if a file or directory is missing on the owner's instance 883 while the member being check has write access to the sharing and the file size 884 is not greater than the instance's available disk space. If the missing document 885 was created or modified in the last 5 minutes, the check is skipped as we expect 886 the synchronization to happen later. 887 The member's domain will be available in the `member` attribute and the complete 888 missing member document in `memberDoc`. 889 890 ##### missing_matching_doc_for_member 891 892 This will be raised if a file or directory is missing on a member's instance 893 while the file size is not greater than the instance's available disk space. If 894 the missing document was created or modified in the last 5 minutes, the check is 895 skipped as we expect the synchronization to happen later. 896 The member's domain will be available in the `member` attribute and the complete 897 missing owner document in `ownerDoc`. 898 899 === 900 901 Other error types include `missing_trigger_on_active_sharing`, 902 `trigger_on_inactive_sharing`, `not_enough_members`, `mail_not_sent`, 903 `invalid_member_status`, `invalid_instance_for_member`, 904 `missing_instance_for_member`, `missing_oauth_client`, `missing_access_token`, 905 `invalid_number_of_credentials` and `missing_inbound_client_id`. 906 907 When checking for files and folders inconsistencies, sharings will be skipped 908 when inactive, not initialized, read-only or not about `io.cozy.files` 909 documents. 910 Also, for each instance, only the sharings owned by said instance will be 911 checked. Other sharings will be checked via their owner instance. 912 913 #### Request 914 915 ```http 916 POST /instances/alice.cozy.localhost/checks/sharings HTTP/1.1 917 ``` 918 919 #### Response 920 921 ```http 922 HTTP/1.1 200 OK 923 Content-Type: application/json 924 ``` 925 926 ```json 927 [ 928 {"id":"314d69d7ebaed0a1870cca67f4433390","trigger":"track","trigger_id":"314d69d7ebaed0a1870cca67f4d75e41","type":"trigger_on_inactive_sharing"}, 929 {"id":"314d69d7ebaed0a1870cca67f4433390","trigger":"replicate","trigger_id":"314d69d7ebaed0a1870cca67f4d75e41","type":"trigger_on_inactive_sharing"}, 930 {"id":"314d69d7ebaed0a1870cca67f4433390","trigger":"upload","trigger_id":"314d69d7ebaed0a1870cca67f4d75e41","type":"trigger_on_inactive_sharing"}, 931 {"id":"314d69d7ebaed0a1870cca67f4433390","member":0,"status":"revoked","type":"invalid_member_status"}, 932 {"id":"314d69d7ebaed0a1870cca67f4433390","nb_members":0,"owner":false,"type":"invalid_number_of_credentials"} 933 ] 934 ``` 935 936 937 ## Konnectors 938 939 ### GET /konnectors/maintenance 940 941 #### Request 942 943 ```http 944 GET /konnectors/maintenance HTTP/1.1 945 ``` 946 947 A parameter `Context` can be given on the query string to also includes the 948 konnectors that are in maintenance on the apps registry. 949 950 #### Response 951 952 ```http 953 HTTP/1.1 200 OK 954 Content-Type: application/json 955 ``` 956 957 ```json 958 { 959 "meta": { 960 "count": 1 961 }, 962 "data": [ 963 { 964 "type": "io.cozy.konnectors.maintenance", 965 "attributes": { 966 "level": "stack", 967 "maintenance_activated": true, 968 "maintenance_options": { 969 "flag_disallow_manual_exec": false, 970 "flag_infra_maintenance": true, 971 "flag_short_maintenance": true, 972 "messages": { 973 "fr": { 974 "long_message": "Bla bla bla", 975 "short_message": "Bla" 976 } 977 } 978 }, 979 "slug": "ameli", 980 "type": "konnector" 981 } 982 } 983 ] 984 } 985 ``` 986 987 **Note:** `level` can be `stack` or `registry`. 988 989 ### PUT /konnectors/maintenance/:slug 990 991 #### Request 992 993 ```http 994 PUT /konnectors/maintenance/ameli HTTP/1.1 995 Content-Type: application/vnd.api+json 996 ``` 997 998 ```json 999 { 1000 "data": { 1001 "attributes": { 1002 "flag_short_maintenance": true, 1003 "flag_disallow_manual_exec": false, 1004 "messages": { 1005 "fr": { 1006 "long_message": "Bla bla bla", 1007 "short_message": "Bla" 1008 }, 1009 "en": { 1010 "long_message": "Yadi yadi yada", 1011 "short_message": "Yada" 1012 } 1013 } 1014 } 1015 } 1016 } 1017 ``` 1018 1019 **Note:** the `flag_infra_maintenance` will always be set to true with this 1020 endpoint. 1021 1022 #### Response 1023 1024 ```http 1025 HTTP/1.1 204 No Content 1026 ``` 1027 1028 ### DELETE /konnectors/maintenance/:slug 1029 1030 #### Request 1031 1032 ```http 1033 DELETE /konnectors/maintenance/ameli HTTP/1.1 1034 ``` 1035 1036 #### Response 1037 1038 ```http 1039 HTTP/1.1 204 No Content 1040 ``` 1041 1042 ## OIDC 1043 1044 ### POST /oidc/:context/:provider/code 1045 1046 This endpoint is used by the cloudery to create a delegated code, which will be 1047 then used by the flagship app to obtain its access_token and refresh_token. The 1048 `:provider` parameter can be `generic` or `franceconnect`. 1049 1050 The cloudery sends its access_token for the OIDC provider, the stack can use it 1051 to make a request to the userinfo endpoint of the OIDC provider. With the 1052 response, the stack can create a delegated code associated to the sub. 1053 1054 ```http 1055 POST /oidc/dev/franceconnect/code HTTP/1.1 1056 Accept: application/json 1057 Content-Type: application/json 1058 Authorization: Bearer ZmE2ZTFmN 1059 ``` 1060 1061 ```json 1062 { 1063 "access_token": "ZmE2ZTFmN" 1064 } 1065 ``` 1066 1067 ```http 1068 HTTP/1.1 200 OK 1069 Content-Type: application/json 1070 ``` 1071 1072 ```json 1073 { 1074 "delegated_code": "wMTNiLTNmZWItMThY", 1075 "sub": "DIzYWE2MjA", 1076 "email": "jerome@example.org" 1077 } 1078 ``` 1079 1080 ## OAuth clients 1081 1082 ### DELETE /oauth/:domain/clients 1083 1084 Delete all the OAuth clients for the given instance. It can be limited to a 1085 specific kind of clients (`desktop`, `mobile`, `sharing`, etc.) by using the 1086 `Kind` parameter of the query-string. It returns the number of clients that 1087 have been deleted. 1088 1089 #### Request 1090 1091 ```http 1092 DELETE /oauth/cozy.example/clients HTTP/1.1 1093 ``` 1094 1095 #### Response 1096 1097 ```http 1098 HTTP/1.1 200 OK 1099 ``` 1100 1101 ```json 1102 {"count": 42} 1103 ``` 1104 1105 ## Swift 1106 1107 ### GET /swift/layouts 1108 1109 Count swift layouts by type 1110 1111 #### Request 1112 1113 ```http 1114 GET /swift/layouts HTTP/1.1 1115 ``` 1116 1117 #### Response 1118 1119 ```http 1120 HTTP/1.1 200 OK 1121 Content-Type: application/json 1122 ``` 1123 1124 ```json 1125 { 1126 "total": 3, 1127 "unknown": { 1128 "counter": 0 1129 }, 1130 "v1": { 1131 "counter": 1 1132 }, 1133 "v2a": { 1134 "counter": 0 1135 }, 1136 "v2b": { 1137 "counter": 0 1138 }, 1139 "v3a": { 1140 "counter": 2 1141 }, 1142 "v3b": { 1143 "counter": 4 1144 } 1145 } 1146 ``` 1147 1148 The `show_domains=true` query parameter provides the domain names if needed 1149 1150 1151 #### Request 1152 1153 ```http 1154 GET /swift/layouts?show_domains=true HTTP/1.1 1155 ``` 1156 1157 #### Response 1158 1159 ```http 1160 HTTP/1.1 200 OK 1161 Content-Type: application/json 1162 ``` 1163 1164 ```json 1165 { 1166 "total": 3, 1167 "unknown": { 1168 "counter": 0 1169 }, 1170 "v1": { 1171 "counter": 1, 1172 "domains": [ 1173 "bob.cozy.localhost:8081" 1174 ] 1175 }, 1176 "v2a": { 1177 "counter": 0 1178 }, 1179 "v2b": { 1180 "counter": 0 1181 }, 1182 "v3a": { 1183 "counter": 2, 1184 "domains": [ 1185 "alice.cozy.localhost:8081", 1186 "ru.cozy.localhost:8081" 1187 ] 1188 }, 1189 "v3b": { 1190 "counter": 4, 1191 "domains": [ 1192 "foo.cozy.localhost:8081", 1193 "bar.cozy.localhost:8081", 1194 "baz.cozy.localhost:8081", 1195 "foobar.cozy.localhost:8081" 1196 ] 1197 } 1198 } 1199 ``` 1200 1201 ### GET /swift/vfs/:object 1202 1203 Retrieves a Swift object 1204 1205 #### Request 1206 1207 ```http 1208 GET /swift/vfs/67a88b22520680b1fae840%2F9a8a0%2F18d02%2FiYbkfuCDEMaVoIXg HTTP/1.1 1209 Host: alice.cozy.localhost 1210 ``` 1211 1212 #### Response 1213 1214 ```http 1215 HTTP/1.1 200 OK 1216 Content-Type: text/plain 1217 ``` 1218 1219 ```text 1220 "foobar" 1221 ``` 1222 1223 ### PUT /swift/vfs/:object 1224 1225 Put an object in Swift 1226 1227 #### Request 1228 1229 ```http 1230 PUT /swift/vfs/67a88b22520680b1fae840%2F9a8a0%2F18d02%2FiYbkfuCDEMaVoIXg HTTP/1.1 1231 Host: alice.cozy.localhost 1232 Content-Type: text/plain 1233 ``` 1234 1235 ```text 1236 "this is my content" 1237 ``` 1238 1239 ### DELETE /swift/vfs/:object 1240 1241 Removes an object from Swift 1242 1243 #### Request 1244 1245 ```http 1246 DELETE /swift/vfs/67a88b22520680b1fae840%2F9a8a0%2F18d02%2FiYbkfuCDEMaVoIXg HTTP/1.1 1247 Host: alice.cozy.localhost 1248 ``` 1249 1250 ### GET /swift/vfs 1251 1252 List Swift objects of an instance 1253 1254 #### Request 1255 1256 ```http 1257 GET /swift/vfs HTTP/1.1 1258 Host: alice.cozy.localhost 1259 ``` 1260 1261 #### Response 1262 1263 ```http 1264 HTTP/1.1 200 OK 1265 Content-Type: application/json 1266 ``` 1267 1268 ```json 1269 { 1270 "objects_names": [ 1271 "67a88b22520680b1fae840/9a8a0/17264/AxfGhAiWVRhPufKK", 1272 "67a88b22520680b1fae840/9a8a0/18d02/iYbkfuCDEMaVoIXg", 1273 "thumbs/67a88b22520680b1fae840/9a8a0/17264-large", 1274 "thumbs/67a88b22520680b1fae840/9a8a0/17264-medium", 1275 "thumbs/67a88b22520680b1fae840/9a8a0/17264-small", 1276 "thumbs/67a88b22520680b1fae840/9a8a0/17264-tiny" 1277 ] 1278 } 1279 ``` 1280 1281 ## Tools 1282 1283 ### GET /tools/pprof/heap 1284 1285 Return a sampling of memory allocations as pprof format. 1286 1287 #### Request 1288 1289 ```http 1290 GET /tools/pprof/heap HTTP/1.1 1291 ``` 1292 1293 #### Response 1294 1295 ```http 1296 HTTP/1.1 200 OK 1297 ```