(Click to open topic with navigation)
See the associated Permissions resource section for more information on how to use this resource and supported operations.
Additional references
Type | Value | Additional information |
---|---|---|
Permissions resource | permissions/users | Permissions |
Hooks filename | permissions.users.groovy | Pre- and Post-Processing Hooks |
Tenant-supported | No | Tenants |
Distinct query-supported | Yes | Distinct |
Field Name | Type | Description |
---|---|---|
id | String |
The unique ID of the cached user permission. |
name | String |
The unique name of the user. |
permissions | List<Permission> |
The list of permissions. |
Represents a permission
Field Name | Type | Description |
---|---|---|
id | String |
The unique ID of this role. |
action | String |
The action that can be performed on the resource. |
description | String |
A description of this permission. |
fieldPath | String |
Field level ACL control, if null or '*', all fields are accessible, otherwise requests must match dot delimited path. Currently only checked when doing writable actions. Example - attributes.*: create|update |
label | String |
A human readable label for this permission. |
resource | String |
The resource the permission applies to. |
resourceFilter | Map<String, Map> |
A map used to limit which resource instances this permission applies to. If this is null then the permission will apply to all instances of the resource. For api permissions the filter uses mongo query syntax. |
scope | PrivilegeScope |
Whether this permission applies to the principal's tenant-associated resources or globally |
type | String |
The type of the permission. Only 'api' type permissions are enforced. |
Some permissions and roles ignore tenants and apply globally. Others apply only to the resources associated with the principal's tenants.
Field Name | Type | Description |
---|---|---|
id | String |
The unique ID of the cached user permission. |
name | String |
The unique name of the user. |
permissions | List<Permission> |
The list of permissions. |
Represents a permission
Field Name | Type | Description |
---|---|---|
id | String |
The unique ID of this role. |
action | String |
The action that can be performed on the resource. |
description | String |
A description of this permission. |
fieldPath | String |
Field level ACL control, if null or '*', all fields are accessible, otherwise requests must match dot delimited path. Currently only checked when doing writable actions. Example - attributes.*: create|update |
label | String |
A human readable label for this permission. |
resource | String |
The resource the permission applies to. |
resourceFilter | Map<String, Map> |
A map used to limit which resource instances this permission applies to. If this is null then the permission will apply to all instances of the resource. For api permissions the filter uses mongo query syntax. |
scope | PrivilegeScope |
Whether this permission applies to the principal's tenant-associated resources or globally |
type | String |
The type of the permission. Only 'api' type permissions are enforced. |
Some permissions and roles ignore tenants and apply globally. Others apply only to the resources associated with the principal's tenants.
Related Topics