Add or update a Role. The User will need to have admin level Roles for creating or updating a Role, or an organisation level Role for creating or updating a Role.
Permissions can be one or more of the following - .AllPermission, .AllReadPermission, .AssignRolePermission, .CreateCollectionPermission, .CreateGroupPermission, .CreateLocationPermission, .CreateOrganisationPermission, .CreatePlatformPermission, .CreateProcedurePermission, .CreateResultsPermission, .CreateRolePermission, .CreateSharePermission, .CreateStreamPermission, .CreateUserPermission, .DeleteCollectionPermission, .DeleteGroupPermission, .DeleteLocationPermission, .DeleteOrganisationPermission, .DeletePlatformPermission, .DeleteProcedurePermission, .DeleteResultsPermission, .DeleteRolePermission, .DeleteSharePermission, .DeleteStreamPermission, .DeleteThreddsDatasetPermission, .DeleteUserPermission, .ReadCollectionPermission, .ReadGroupPermission, .ReadLocationPermission, .ReadModelPermission, .ReadOrganisationPermission, .ReadPlatformPermission, .ReadProcedurePermission, .ReadResultsPermission, .ReadRolePermission, .ReadSharePermission, .ReadStreamPermission, .ReadThreddsDatasetPermission, .ReadUserPermission, .ReadWorkflowPermission, .ReadWorkflowResultsPermission, .RunWorkflowPermission, .UpdateCollectionPermission, .UpdateGroupPermission, .UpdateLocationPermission, .UpdateOrganisationPermission, .UpdatePlatformPermission, .UpdateProcedurePermission, .UpdateResultsPermission, .UpdateRolePermission, .UpdateSharePermission, .UpdateStreamPermission, .UpdateUserPermission, .WriteModelPermission, .WriteThreddsDatasetPermission, .WriteWorkflowPermission.
A client can only assign a permission to a role of a certain role scope if they already have a role with the 'createrolepermission'. For example if user a has an OrganisationRole with 'createrolepermission' they will beable to create an organisation role with any permission. Importantly they can only create an organisation role for the organisation with which they already have a 'createrolepermission'.
Similarly, if a client has a GroupRole with createrolepermission on 'group1' then they can create an other GroupRole with any permission.
Given this, the 'createrolepermission' essentially allows the client to do anything with the the scope of the role.
addressfilters: Advanced users can specify a list of address filters that apply to this role. Users connecting to Senaps APIs outside the configured IP ranges will not be assigned this role. Allowed formats are IPv4 addresses and/or IPv4 CIDR subnet notations.