/r/{repoId}/permissions/{id}
GET
Retrieving a permission
In the response, you receive the detailed information about the specified permission.
Parameters
repoId/string/required
The unique ID of the repository.
id/string/required
The unique ID of the permission.
Responses
200
The permission was determined successfully.
Content
Media type: application/json
{
"assignments": {
"type": "array",
"items": {
"required": [
"subject"
],
"type": "object",
"properties": {
"delete": {
"type": "string",
"description": "Authorizes the group members or applications to delete objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
},
"read": {
"type": "string",
"description": "Authorizes the group members or applications to read objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
},
"subject": {
"minLength": 1,
"type": "string",
"description": "The ID of an application or group from the identity provider app.",
"example": "00000000-0000-0000-0000-000000000000 | APP_NAME"
},
"type": {
"type": "string",
"description": "The type of the object that is being assigned.\r\n- GROUP: The right is assigned to a group.\r\n- APP: The right is assigned to an application.",
"default": "GROUP",
"nullable": true,
"example": "GROUP | APP"
},
"write": {
"type": "string",
"description": "Authorizes the group members or applications to edit or create objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
}
},
"additionalProperties": false,
"description": "An assignment describes a group or application that contains permissions and their corresponding rights.\r\n \r\nYou can use this restriction levels:\r\n- ALLOWED: Right is explicitly granted.\r\n- INHERITED: Right is not granted. If several permissions for the group or application pertain to an object, the others will apply. Otherwise as DENIED\r\n- DENIED: Right is explicitly denied. If several permissions for the group or application pertain to an object, DENIED will always apply.\r\nIf the property read contains the value DENIED, the properties write and delete also need to contain the value DENIED.\r\nIf the properties write or delete contain the value ALLOWED, the property read also needs to contain the value ALLOWED."
},
"description": "The groups and applications receiving permissions.",
"nullable": true
},
"id": {
"type": "string",
"description": "The unique ID of the permission.",
"nullable": true,
"readOnly": true,
"example": "00000000-0000-0000-0000-000000000000"
},
"name": {
"minLength": 1,
"type": "string",
"description": "Name, only relevant for differentiation by the administrator.",
"example": "supplier permission"
},
"restrictions": {
"type": "array",
"items": {
"required": [
"key",
"value"
],
"type": "object",
"properties": {
"key": {
"minLength": 1,
"type": "string",
"description": "Either CATEGORY to filter for a category (may occur only once), or the ID of an object property.",
"example": "CATEGORY | 00000000-0000-0000-0000-000000000000 | OWNER"
},
"value": {
"minLength": 1,
"type": "string",
"description": "For a category the ID of the category, in all other cases a filter text.\r\n \r\nOperators:\r\n- Range: |-\r\n- Placeholder for an unknown number of characters: *\r\n- Placeholder for exactly one unknown character: ?\r\n- Placeholder for the ID of the logged on user: @CURRENT_USER\r\n- Placeholder for the ID of a group or application in which the logged on user is a member: @CURRENT_USER_IN_GROUP\r\n- Dynamically via a filter set with @Filter([Filter-ID])",
"example": "00000000-0000-0000-0000-000000000000 | @CURRENT_USER"
}
},
"additionalProperties": false,
"description": "The restriction object describes a filter that defines the documents and dossiers to which this permission applies."
},
"description": "The filters defining to which documents and dossiers this permission applies. There must be at least one object with the key category."
}
}
Media type: application/hal+json
{
"assignments": {
"type": "array",
"items": {
"required": [
"subject"
],
"type": "object",
"properties": {
"delete": {
"type": "string",
"description": "Authorizes the group members or applications to delete objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
},
"read": {
"type": "string",
"description": "Authorizes the group members or applications to read objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
},
"subject": {
"minLength": 1,
"type": "string",
"description": "The ID of an application or group from the identity provider app.",
"example": "00000000-0000-0000-0000-000000000000 | APP_NAME"
},
"type": {
"type": "string",
"description": "The type of the object that is being assigned.\r\n- GROUP: The right is assigned to a group.\r\n- APP: The right is assigned to an application.",
"default": "GROUP",
"nullable": true,
"example": "GROUP | APP"
},
"write": {
"type": "string",
"description": "Authorizes the group members or applications to edit or create objects.",
"default": "INHERITED",
"nullable": true,
"example": "ALLOWED | INHERITED | DENIED"
}
},
"additionalProperties": false,
"description": "An assignment describes a group or application that contains permissions and their corresponding rights.\r\n \r\nYou can use this restriction levels:\r\n- ALLOWED: Right is explicitly granted.\r\n- INHERITED: Right is not granted. If several permissions for the group or application pertain to an object, the others will apply. Otherwise as DENIED\r\n- DENIED: Right is explicitly denied. If several permissions for the group or application pertain to an object, DENIED will always apply.\r\nIf the property read contains the value DENIED, the properties write and delete also need to contain the value DENIED.\r\nIf the properties write or delete contain the value ALLOWED, the property read also needs to contain the value ALLOWED."
},
"description": "The groups and applications receiving permissions.",
"nullable": true
},
"id": {
"type": "string",
"description": "The unique ID of the permission.",
"nullable": true,
"readOnly": true,
"example": "00000000-0000-0000-0000-000000000000"
},
"name": {
"minLength": 1,
"type": "string",
"description": "Name, only relevant for differentiation by the administrator.",
"example": "supplier permission"
},
"restrictions": {
"type": "array",
"items": {
"required": [
"key",
"value"
],
"type": "object",
"properties": {
"key": {
"minLength": 1,
"type": "string",
"description": "Either CATEGORY to filter for a category (may occur only once), or the ID of an object property.",
"example": "CATEGORY | 00000000-0000-0000-0000-000000000000 | OWNER"
},
"value": {
"minLength": 1,
"type": "string",
"description": "For a category the ID of the category, in all other cases a filter text.\r\n \r\nOperators:\r\n- Range: |-\r\n- Placeholder for an unknown number of characters: *\r\n- Placeholder for exactly one unknown character: ?\r\n- Placeholder for the ID of the logged on user: @CURRENT_USER\r\n- Placeholder for the ID of a group or application in which the logged on user is a member: @CURRENT_USER_IN_GROUP\r\n- Dynamically via a filter set with @Filter([Filter-ID])",
"example": "00000000-0000-0000-0000-000000000000 | @CURRENT_USER"
}
},
"additionalProperties": false,
"description": "The restriction object describes a filter that defines the documents and dossiers to which this permission applies."
},
"description": "The filters defining to which documents and dossiers this permission applies. There must be at least one object with the key category."
}
}
404
The permission with the specified ID could not be determined.
Content
Media type: application/json
{
"code": {
"type": "integer",
"format": "int32",
"example": 240100
},
"reason": {
"type": "string",
"nullable": true,
"example": "Reason why the request failed."
}
}
Media type: application/hal+json
{
"code": {
"type": "integer",
"format": "int32",
"example": 240100
},
"reason": {
"type": "string",
"nullable": true,
"example": "Reason why the request failed."
}
}
Show operation