Progress will discontinue Telerik Platform on May 10th, 2018. Learn more

Managing Type-Level Permissions

Managing Type-Level Permissions

Permissions restrict the CRUD operations that each role can perform over a given type. Permissions can only be read and updated.

Read

Read is a simple Get requests. This will get all permissions for the application.

//Ajax request using jQuery
$.ajax({
    url: 'https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions',
    type: "GET",
    headers: {"Authorization" : "Masterkey your-master-key"},
    success: function(data){
        alert(JSON.stringify(data));
    },
    error: function(error){
        alert(JSON.stringify(error));
    }
})
Request:
    GET https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions
Headers:
    Authorization  Masterkey your-master-key
Response:
    Status: 200 OK
    Content-Type: application/json

Note: CanCreate, CanRead, CanUpdate, CanDelete are boolean and accept "true" and "false" as values. If you don't specify a value for some of them it will receive true as default.

After setting the permission, the server will return the number of updated permissions.

Read by Filter

You can apply filters just as in a normal data request in order to get the permissions for a particular content type or role.

var filter = {
    ContentTypeId: "type-id"
};

//Ajax request using jQuery
$.ajax({
    url: 'https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions',
    type: "GET",
    headers: {
        "Authorization" : "Masterkey your-master-key",
        "X-Everlive-Filter" : JSON.stringify(filter)
    },
    success: function(data){
        alert(JSON.stringify(data));
    },
    error: function(error){
        alert(JSON.stringify(error));
    }
})
Request:
    GET https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions
Headers:
    Authorization  Masterkey your-master-key
    X-Everlive-Filter { "ContentTypeId" : "type-id" }
Response:
    Status: 200 OK
    Content-Type: application/json

Update

You can update a permission by providing a content type id and role id and specifying the new permissions.

var updateData = {
    "ContentTypeId" : "type-id",
    "RoleId": "role-id-here",
    "CanRead": true,
    "CanCreate": true,
    "CanUpdate": false,
    "CanDelete": false
};

//Ajax request using jQuery
$.ajax({
    url: 'https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions',
    type: "PUT",
    headers: {
        "Authorization" : "Masterkey your-master-key"
    },
    contentType: "application/json",
    data: JSON.stringify(updateData),
    success: function(data){
        alert(JSON.stringify(data));
    },
    error: function(error){
        alert(JSON.stringify(error));
    }
})
Request:
    PUT https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions
Headers:
    Authorization  Masterkey your-master-key
    Content-Type application/json
    Payload - raw:
    {
        "ContentTypeId" : "type-id",
        "RoleId": "role-id-here",
        "CanRead": true,
        "CanCreate": true,
        "CanUpdate": false,
        "CanDelete": false
    } 
Response:
    Status: 200 OK
    Content-Type: application/json

Also you might want to update more than one permission for more than one type. Simply pass an array of objects in the body. The object must contain "ContantTypeId" and "RoleId" in addition to "CanCreate", "CanRead", "CanUpdate", "CanDelete".

var updateData = [
    {
        "ContentTypeId" : "type-id",
        "RoleId": "role-id-here",
        "CanRead": true,
        "CanCreate": true,
        "CanUpdate": false,
        "CanDelete": false
    },
    {
        "ContentTypeId" : "type-id",
        "RoleId": "role-id-here",
        "CanRead": true,
        "CanCreate": false,
        "CanUpdate": true,
        "CanDelete": false
    }
];

//Ajax request using jQuery
$.ajax({
    url: 'https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions'
    type: "PUT",
    headers: {
        "Authorization" : "Masterkey your-master-key"
    },
    contentType: "application/json",
    data: JSON.stringify(updateData),
    success: function(data){
        alert(JSON.stringify(data));
    },
    error: function(error){
        alert(JSON.stringify(error));
    }
})
Request:
    PUT https://api.everlive.com/v1/Metadata/Applications/your-app-id/Permissions
Headers:
    Authorization  Masterkey your-master-key
    Content-Type application/json       
Payload - raw:
    [
        {
            "ContentTypeId" : "type-id",
            "RoleId": "role-id-here",
            "CanRead": true,
            "CanCreate": true,
            "CanUpdate": false,
            "CanDelete": false
        },
        {
            "ContentTypeId" : "type-id",
            "RoleId": "role-id-here",
            "CanRead": true,
            "CanCreate": false,
            "CanUpdate": true,
            "CanDelete": false
        }
    ] 
Response:
    Status: 200 OK
    Content-Type: application/json
Contact us: +1-888-365-2779
sales@telerik.com
Copyright © 2016-2017, Progress Software Corporation and/or its subsidiaries or affiliates. All rights reserved.