System Permission

Manage global system permissions.

opal perm-system <CREDENTIALS> [OPTIONS] [EXTRAS]


Option Description
--add, -a Add a permission
--delete, -d Delete a permission
--permission PERM, -pe PERM Permission to apply: administrate, add-project
--subject SUBJECT, -s SUBJECT Subject name to which the permission will be granted
--type TYPE, -ty TYPE Subject type: user or group


Authentication can be done by username/password credentials OR by personal access token OR by certificate/private key pair (two-way SSL authentication).

Option Description
--opal OPAL, -o OPAL Opal server base url
--user USER, -u USER Credentials auth: user name (requires a password)
--password PASSWORD, -p PASSWORD Credentials auth: user password (requires a user name)
--otp, -ot Whether a one-time password is to be provided (required when connecting with username/password AND two-factor authentication is enabled)
--token TOKEN, -tk TOKEN Token auth: user’s personal access token
--ssl-cert SSL_CERT, -sc SSL_CERT Two-way SSL auth: certificate/public key file (requires a private key)
--ssl-key SSL_KEY, -sk SSL_KEY Two-way SSL auth: private key file (requires a certificate)


Option Description
-h, --help Show the command help’s message.
--verbose, -v Verbose output.
--json, -j Output pretty-print JSON


Add add-project permission for subject demouser:

opal perm-system --opal --user administrator --password password --type USER --subject demouser --permission add-project --add

Remove the above permission:

opal perm-system --opal --user administrator --password password --type USER --subject demouser --delete