Access Control

The AccessControlController interface allows developers to define and manage user access and roles.


AccessControlController is an authorization API that lets developers retrieve information or execute requests regarding user access, roles, and resources.

Methods and Response Formats

Table 1. AccessControlController Interface
Method and response format                              Remarks
DELETE /access/principals/{principalId}                 Deletes a member from a specified resource for a particular role.
POST /access/principals                                 Adds a member to a particular role for a specified resource.
PUT /access/resources/{resourceId}/config               Modifies the resource configuration.
GET /{accessType}/access/currentuser                    Checks whether the user is allowed to access a resource. Also returns the list of roles available to the user.
GET /{accessType}/access/principals                     Returns the list of members associated with a particular role for a specified resource.
GET /{accessType}/access/resources/{resourceId}/config  Returns the resource configuration.
GET /{accessType}/access/roles/{role}                   Returns the role information if the role is associated with a resource.
GET /{accessType}/access/roles                          Returns the list of roles available for a resource.


The request must be a standard HTTP GET, POST, PUT or DELETE command.

Table 2. Additional Parameters
Name           Description
Cookie         Access token for authentication, fetched from the Cookie.
virtualportal  Virtual portal to which the request is sent.
resourceId     The Portal resource to inspect.
role           The user role.
principalId    The principal ID.
accessType     Base URL used to invoke a different contenthandler.

Response Codes

Table 3. Response Codes
Code  Description
200   OK.
400   Bad request.
401   Unauthorized request.
404   Request not found.
422   Unprocessable entity (WebDAV).
500   Internal server error.