Feature #18182

Parameter on get_permissions API to return every user and group with permissions

Added by Peter Amstutz about 1 month ago. Updated about 1 month ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
API
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Story points:
-

Description

We have a get_permissions API call which returns the direct permission links to an object. For auditing, it is desireable to be able to get a list of all the users and groups that have permission to an object, through both direct and indirect permissions.

Proposal: add a parameter to get_permissions such as "indirect=true" that returns both direct and indirect permission grants in the form {uuid, permission_type}.

It would also be convenient to be able to return the user/group objects in an 'included' field, for those objects where the requesting user has read access. This would allow a single API response to include both the permission grants and the names of the users/groups that have the grant (instead of having to look up the users/groups separately).

History

#1 Updated by Peter Amstutz about 1 month ago

  • Category set to API

#2 Updated by Peter Amstutz about 1 month ago

  • Description updated (diff)

Also available in: Atom PDF