adding last examples

weaviate · Dec 10, 2024 · 1d74cf3 · 1d74cf3
1 parent 4787ad8
commit 1d74cf3
Show file tree

Hide file tree

Showing 2 changed files with 201 additions and 4 deletions.
diff --git a/_includes/code/python/howto.configure.rbac.roles.py b/_includes/code/python/howto.configure.rbac.roles.py
@@ -80,5 +80,48 @@
 
 # START CheckRoleExists
 
-admin_client.roles.exists(role_name="devrel")
-# END CheckRoleExists
+admin_client.roles.exists(role_name="role-name")
+# END CheckRoleExists
+
+# START InspectRole
+
+admin_client.roles.by_name(role_name="role-name")
+# END InspectRole
+
+# START AssignedUsers
+
+admin_client.roles.assigned_users(role_name="role-name")
+# END AssignedUsers
+
+# START ListAllRoles
+
+admin_client.roles.list_all()
+# END ListAllRoles
+
+
+# START DeleteRole
+
+admin_client.roles.delete(role_name="role-name")
+# END DeleteRole
+
+# START RevoveRoles
+
+admin_client.roles.revoke_from_user(role_names=["role-1", "role-2"], user="jane-doe")
+# END RevoveRoles
+
+
+# START RemovePermissions
+
+permissions = [
+    Permissions.collections(
+      collection="Test_DevRel", 
+      read_config=True, 
+      create_collection=True, 
+      delete_collection=True,
+  ),
+  Permissions.data(collection="Test_*", read=True, create=False)
+]
+
+admin_client.roles.remove_permissions(
+    role_name="devrel", permissions=permissions
+)# END RemovePermissions
diff --git a/developers/weaviate/configuration/roles.md b/developers/weaviate/configuration/roles.md
@@ -317,6 +317,36 @@ Finally, let's add some extra permissions around inspecting the Cluster and Node
 
 </Tabs>
 
+### Remove permissions from a role
+You can provide a list of `Permissions` and a role name to the `remove_permissions` mehtod, to remove the permissions from that role. If the permissions you've provided do not exist in the first place, it will be ignored. If the permission is the last one available for a given role, this will delete the role.
+
+In the example below, we are removing the permissions to read the data from collections that start with "Test-" and the permission to create and delete collections called "Test_DevRel" from the "devrel" role.
+
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START RemovePermissions"
+      endMarker="# END RemovePermissions"
+      language="py"
+    />
+  </TabItem>
+
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>
+
 ### Assign a role to a user
 When connected to weaviate as an admin, we can assign one or more roles to a given user. For example, let's assign the "devrel" role to "jane-doe"
 
@@ -405,12 +435,136 @@ For example, the `admin_client` below is first listing its own roles, then, of t
 
 ### Inspect a role
 
-### List all roles
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START InspectRole"
+      endMarker="# END InspectRole"
+      language="py"
+    />
+  </TabItem>
+
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>
+
+### List all Roles
+
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START ListAllRoles"
+      endMarker="# END ListAllRolesd"
+      language="py"
+    />
+  </TabItem>
+
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>
 
 ### List users with a role
 
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START AssignedUsers"
+      endMarker="# END AssignedUsers"
+      language="py"
+    />
+  </TabItem>
+
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>
+
 ### Delete a role
 
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START DeleteRole"
+      endMarker="# END DeleteRole"
+      language="py"
+    />
+  </TabItem>
+
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>
+
 ### Revoke a role from a user
+You can revoke one or more roles from a specific user. Below, we are revoking "role-1" and "role-2" from the user "jane-doe".
+
+<Tabs groupId="languages">
+
+  <TabItem value="py" label="Python Client v4">
+    <FilteredTextBlock
+      text={RolePyCode}
+      startMarker="# START RevokeRoles"
+      endMarker="# END RevokeRoles"
+      language="py"
+    />
+  </TabItem>
 
-### Remove a permission from a role
+  <TabItem value="js" label="JS/TS Client v3">
+    TBD
+  </TabItem>
+
+  <TabItem value="go" label="Go">
+    TBD
+  </TabItem>
+
+  <TabItem value="java" label="Java">
+    TBD
+  </TabItem>
+
+</Tabs>