Progress will discontinue Telerik Platform on May 10th, 2018. Learn more

Reading Item-Level Permissions

Reading Item-Level Permissions

An item's ACL object is returned in standard read requests as part of the item object. However, for security reasons you are required to use either Master Key authorization or the item owner user account.

If a user account reads multiple items, it only gets the ACLs of items it owns.

Items that are not owned by the user account making the request are returned with a Meta.Permissions object containing the allowed actions for the current user account. The information in this object reflects the entire security hierarchy, including type-level and item-level permissions.

Note that the Meta.Permissions object is returned for anonymous requests as well, allowing you to find out the permissions of the anonymous user.

$.ajax({
    type: "GET",
    url: 'https://api.everlive.com/v1/your-app-id/type-name/item-id',
    headers: { "Authorization" : "Masterkey your-master-key" },
    success: function(data){
        alert(JSON.stringify(data));
    },
    error: function(error){
        alert(JSON.stringify(error));
    }
});
Request:
    GET https://api.everlive.com/v1/your-app-id/type-name/item-id 
Headers:
    Authorization  MasterKey your-master-key
Response:
    Status: 200 OK
    Content-Type: application/json

Result:

STATUS 200 OK
{
    "Result": {
        "Comment": "Congratulations!",
        "ActivityId": "c473ea77-f7c0-11e4-87db-713680c9d2da",
        "UserId": "c473ea73-f7c0-11e4-87db-713680c9d2da",
        "CreatedBy": "c473ea73-f7c0-11e4-87db-713680c9d2da",
        "Owner": "c473ea73-f7c0-11e4-87db-713680c9d2da",
        "CreatedAt": "2015-05-11T09:33:25.282Z",
        "ModifiedAt": "2015-05-11T09:33:25.282Z",
        "ModifiedBy": "00000000-0000-0000-0000-000000000000",
        "_ACL": {
            "RolesCanRead": [
                "b6970600-23e2-11e5-8f10-7192c7d7169d"
            ],
            "RolesCanUpdate": [
                "b6970600-23e2-11e5-8f10-7192c7d7169d"
            ],
            "RolesCanDelete": [],
            "UsersCanRead": [
                "c473ea73-f7c0-11e4-87db-713680c9d2da"
            ],
            "UsersCanUpdate": [
                "c473ea73-f7c0-11e4-87db-713680c9d2da"
            ],
            "UsersCanDelete": [
                "c473ea73-f7c0-11e4-87db-713680c9d2da"
            ]
        },
        "Id": "c5d50110-f7c0-11e4-87db-713680c9d2da"
    }
}

The following is a sample result containing the Meta.Permissions object:

{
    Text : "Text",
    Name : "SampleItem",
    CreatedAt : ... ,
    ModifiedAt : ... ,
    CreatedBy : "a3eec1c0-08d0-11e3-a29e-b3aae595dddf",
    ModifiedBy : "a3eec1c0-08d0-11e3-a29e-b3aae595dddf",
    Owner: "a3eec1c0-08d0-11e3-a29e-b3aae595dddf",
    Id : "34f3fb90-fde1-11e2-88a1-d78d1b2ab6cf",
    Meta : {
         Permissions : {
             CanRead : true,
             CanUpdate : true,
             CanDelete : true
        }
    }
}

See Also

Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.