Project

General

Profile

Actions

Feature #18182

open

Parameter on get_permissions API to return every user and group with permissions

Added by Peter Amstutz about 3 years ago. Updated 5 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
API
Target version:
Story points:
-

Description

We have a get_permissions API call which returns the direct permission links to an object. For auditing, it is desireable to be able to get a list of all the users and groups that have permission to an object, through both direct and indirect permissions.

Should also be able to apply filters (e.g. to search for a specific user or group by name).

Proposal: add a parameter to get_permissions such as "indirect=true" that returns both direct and indirect permission grants in the form {uuid, permission_type}.

It would also be convenient to be able to return the user/group objects in an 'included' field, for those objects where the requesting user has read access. This would allow a single API response to include both the permission grants and the names of the users/groups that have the grant (instead of having to look up the users/groups separately).


Related issues

Related to Arvados - Feature #18463: Sharing dialog shows all permissions including indirect and allows searching for users by nameNewActions
Related to Arvados - Feature #20640: API for admin to query materialized permissionsResolvedTom CleggActions
Actions #1

Updated by Peter Amstutz about 3 years ago

  • Category set to API
Actions #2

Updated by Peter Amstutz about 3 years ago

  • Description updated (diff)
Actions #3

Updated by Peter Amstutz almost 3 years ago

  • Related to Feature #18463: Sharing dialog shows all permissions including indirect and allows searching for users by name added
Actions #4

Updated by Peter Amstutz almost 3 years ago

  • Description updated (diff)
Actions #5

Updated by Peter Amstutz over 1 year ago

  • Release set to 60
Actions #6

Updated by Peter Amstutz 7 months ago

  • Target version set to Future
Actions #7

Updated by Peter Amstutz 5 months ago

  • Release deleted (60)
Actions #8

Updated by Peter Amstutz 5 months ago

  • Related to Feature #20640: API for admin to query materialized permissions added
Actions

Also available in: Atom PDF