Project

General

Profile

Feature #18182

Updated by Peter Amstutz almost 3 years ago

We have a get_permissions API call which returns the direct permission links to an object.    For auditing, it is desireable to be able to get a list of _all_ the users and groups that have permission to an object, through both direct and indirect permissions. 

 Should also be able to apply filters (e.g. to search for a specific user or group by name). 

 Proposal: add a parameter to get_permissions such as "indirect=true" that returns both direct and indirect permission grants in the form {uuid, permission_type}. 

 It would also be convenient to be able to return the user/group objects in an 'included' field, for those objects where the requesting user has read access.    This would allow a single API response to include both the permission grants and the names of the users/groups that have the grant (instead of having to look up the users/groups separately). 

Back