IafPermission
Use the IafPermission API to manage permissions in the Passport, Item, File, Datasources, and Object Model API Services.
AllAccessIrn#
Irn constant to specify all the resources in all the services in the namespace. The value is ::*
checkAccess#
A utility function that checks if a user has permission to perform an action based on a passed irn
| Parameter | Required | Type | Description |
|---|---|---|---|
| resourceDesc | Yes | Object | An object which contains details such as irn |
| permissionAction | Yes | String | Any action in the PermConst.Action |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage |
Boolean - Return true or false based on the permission a user can perform
const resourceDesc = { '_irn': 'datasourcesvc:orchestrator:63fb01d2-bec8-4e31-835e-1d358d6ddbba' };
const hasAccess = IafPermission.checkAccess(resourceDesc, "read", ctx);constructPermObj#
| Parameter | Required | Type | Description |
|---|---|---|---|
| operations | Yes | PermissionOperation | PermissionOperation class object |
| namespace | Yes | String | Namespace |
| userId | Yes | String | Either user id or user group id. if userId isUser flag should be true |
| irnInit | Yes | String | irn without resource section(For Ex, "itemsvc:nameduseritem:", "filesvc:file:" |
| resourceId | Yes | String | resource id (For Ex, file id, named user item id). if its not give '*' is taken, which means all the resources |
| isUser | Yes | boolean | false when userId refers user group id other wise true |
| isPermissionProfile | Yes | boolean | = true if PermissionProfile other wise false |
Permission - permission object
constructPermObjWithActions#
A utility function to construct a Permission object when you pass an actions array.
| Parameter | Required | Type | Description |
|---|---|---|---|
| actions | Yes | Array<String> | Valid actions in IafPermission.PermConst.Actions |
| namespace | Yes | String | Namespace for the permission is given |
| userId | Yes | String | Either user id or user group id. if userId isUser flag should be true |
| irnInit | Yes | String | irn without resource section(For Ex, "itemsvc:nameduseritem:", "filesvc:file:" |
| resourceId | Yes | String | Pass the resource's id. For example, for a file, pass the file id, or for a named user item, pass the named user item id. If you do not pass a resource id, the method selects all resources with the '*' character. |
| isUser | Yes | boolean | For the userId property, if you enter a user id, this property sets to true; if you enter a user group id, this property sets to false. |
| isPermissionProfile | Yes | boolean | = true if PermissionProfile other wise false |
Permission - permission object
constructPermObjWithActionsAndUserType#
Utility function to construct Permission object with actions array
| Parameter | Required | Type | Description |
|---|---|---|---|
| actions | Yes | Array<String> | Valid actions in IafPermission.PermConst.Actions |
| namespace | Yes | String | Namespace for the permission is given |
| userId | Yes | String | Either user id or user group id. if userId isUser flag should be true |
| irnInit | Yes | String | irn without resource section(For Ex, "itemsvc:nameduseritem:", "filesvc:file:" |
| resourceId | Yes | String | resource id (For Ex, file id, named user item id). if its not give '*' is taken, which means all the resources |
| permUserType | Yes | String | Permission User Type, should be one of the value from the below object |
UserType: { User: 'user', UserGroup: 'usergroup', PermissionProfile: 'permprofile' }|
Permission - permission object
constructPermObjWithUserType#
A utility function that constructs a Permission object from a PermissionOperation object you pass.
| Parameter | Required | Type | Description |
|---|---|---|---|
| operations | Yes | PermissionOperation | Pass a PermissionOperation with the permission properties and boolean values you want to define. |
| namespace | Yes | String | Pass the namespace you want the resource to belong to. |
| userId | Yes | String | Either user id or user group id. if userId isUser flag should be true |
| irnInit | Yes | String | Pass the irn without resource section at the end of the path. For more information, see the following examples: "itemsvc:nameduseritem:", "filesvc:file:". |
| resourceId | Yes | String | Pass the resource's id. For example, for a file, pass the file id, or for a named user item, pass the named user item id. If you do not pass a resource id, the method selects all resources with the '*' character. |
| permUserType | Yes | String | Permission User Type, should be one of the value from the below object |
UserType: { User: 'user', UserGroup: 'usergroup', PermissionProfile: 'permprofile' }|
Permission - The constructed Permission object
convertToOperations#
A utility function that converts an actions array to PermissionOperation object.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permActions | Yes | Array<String> | Valid actions in IafPermission.PermConst.Actions |
PermissionOperation - The converted PermissionOperation class object
const permissionOperation = IafPermission.convertToOperations(['READ', 'CREATE', 'UPDATE', 'DELETE', 'SHARE']);createAiPermissions#
Creates permissions for AISvc resources such as Agent, Tool, Team, KnowledgeBase, and Conversation class objects.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to define. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
const permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.Share, IafPermission.PermConst.Action.Delete ], _namespace: "ProjA_HEpftR8X", _resourceDesc: { _irn: "aisvc:agent:*" }, _user: { _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", _type: IafPermission.PermConst.UserType.User }}];
const result = IafPermission.createAiPermissions(permissions, ctx);createDatasourcePermissions#
Creates permissions for a Datasource Orchestrator resource.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to define. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
// Permissions with mandatory fieldsconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete ], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: IafPermission.OrchestratorIrnAll }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createDatasourcePermissions(permissions, ctx);
// Permissions with criteria.const permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete ], _namespace: "ProjA_HEpftR8X", _resourceDesc: { _irn: IafPermission.OrchestratorIrnAll, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createItemPermissions(permissions, ctx);createFilePermissions#
Creates permissions for File Service resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to define your permissions. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays
// Permissions with mandatory fieldsconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "filesvc:file:7600fe2a-5044-11ed-bdc3-0242ac120002" }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createFilePermissions(permissions, ctx);
// Permissions with criteriaconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "filesvc:file:6489fe2a-9458-31ed-bdc3-9787ac165894", // Refer {Permission} for more valid irns _criteria: { filetype: "bimpk" } }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createFilePermissions(permissions, ctx);createGraphicsPermissions#
Creates permissions for a Graphics resource.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Array of Permission objects. |
| ctx | Yes | Ctx | Authorization context (token, namespace, etc.). |
const permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.Share ], _namespace: "ProjX_ExampleNamespace", _resourceDesc: { _irn: "graphicssvc:graphicsdata:some-resource-id" }, _user: { _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", _type: IafPermission.PermConst.UserType.User }}];
const result = IafPermission.createGraphicsPermissions(permissions, ctx);createItemPermissions#
Creates permissions for Item Service resources such as NamedUserItem, NamedUserCollections, NamedCompositeItem, Script, and UserConfig classes. The same API also used to grant permission to RelateItem(s) using _subresouceDesc
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays
// Permissions with mandatory fieldsconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: IafPermission.NamedUserItemIrnAll }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createItemPermissions(permissions, ctx);
// Permissions with criteria - The permission is applicable for NamedUserItems matching the criteriaconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: IafPermission.NamedUserItemIrnAll, _criteria: { // As of now criteria supports just two keys _itemClass and _userType _itemClass: "UserConfig", _userType: "Project_Setup_Config" } }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createItemPermissions(permissions, ctx);
// Grant permissions for Related Items in a NamedUserCollection// 1. _resourceDesc._subresourceDesc._criteria is a valid RelatedItem query. // 2. The permission is applicable only for the RelatedItem(s) matching the criteria. // 3. It provides READ access to NamedUserItem, But it doesn't provide any additional access to NamedUserItem.// 4. _subresourceDesc can be specified only when the IRN refers to specific NamedUserItem. For ex: itemsvc:nameduseritem:6333e105026300398e2d653e, It can't be used for the IRN(s) such as itemsvc:nameduseritem:*const permissions = [ { "_resourceDesc": { "_irn": "itemsvc:nameduseritem:6333e105026300398e2d653e", "_subresourceDesc": { "_type": "relateditem", "_criteria": { "section": {"$in": ["sectionA", "sectionB"]} } } }, "_actions": [ "READ" ], "_namespace": "r_TmBKvZTI", "_user": { "_type": "user", "_id": "1f159053-657b-40f4-9897-434f9e2df8be" } }]createObjectModelPermissions#
Creates permissions for Object Model API Service resources, such as ApiConfigDef.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to update. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
// Permissions with mandatory fieldsconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete ], _namespace: "ProjA_HEpftR8X", _resourceDesc: { _irn: IafPermission.ObjectModelSvcIrnAll }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createObjectModelPermissions(permissions, ctx);
// Permissions with criteria.const permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete ], _namespace: "ProjA_HEpftR8X", _resourceDesc: { _irn": IafPermission.ObjectModelSvcIrnAll, _criteria: { // As of now criteria supports just two keys _itemClass and _userType _itemClass: "ApiConfigDef", _userType: "Project_Setup_Config" } }, _user: { _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup id, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createObjectModelPermissions(permissions, ctx);createPassPermissions#
Creates permissions for Passport Service resources such as Workspace and UserGroup class objects.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to define. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
// Permissions with mandatory fieldsconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "passportsvc:workspace:*" // Refer {Permission} for more valid irns }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createPassPermissions(permissions, ctx);
// Permissions with criteriaconst permissions = [{ _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "passportsvc:workspace:*", _criteria: { usertype: "project" } }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }}];
const result = IafPermission.createPassPermissions(permissions, ctx);DatasourceSvc#
DatasourceSvc used in Irn.
deleteAiPermission#
Deletes a permission for an AISvc resource when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The Permission object's id. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<String> - ok:204 response.
deleteDatasourcePermission#
Deletes a datasource permission when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The Permission object's id. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
String - ok:204 response
const response = IafPermission.deleteDatasourcePermission(perm._id);deleteFilePermission#
Deletes a permission for a FileItem when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The Permission object's id. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<String> - ok:204 response
const response = IafPermission.deleteFilePermission(permission._id);deleteGraphicsPermission#
Deletes a graphics permission by ID.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | Permission document ID. |
| ctx | Yes | Ctx | Authorization context. |
String - HTTP 204 (No Content) if successful.
const result = IafPermission.deleteGraphicsPermission("perm-object-id", ctx);deleteItemPermission#
Deletes a permission for a NamedUserItem when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The Permission object's id |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
String - ok:204 response
const response = IafPermission.deleteItemPermission(perm._id);deleteObjectModelPermission#
Deletes an object model permission when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The permission's id. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
String - ok:204 response
const response = IafPermission.deleteObjectModelPermission(id);deletePassPermission#
Deletes a permission when you pass its id.
| Parameter | Required | Type | Description |
|---|---|---|---|
| id | Yes | String | The Permission's id |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<String> - ok:204 response
const response = IafPermission.deletePassPermission(perm._id);determinePermissions#
A utility function that creates a consolidated PermissionOperation object based on Permission objects you pass.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permObjs | Yes | Array<Permission> | Array of permission objects |
PermissionOperation - Permission operation
const perms = IafPermission.determinePermissions(permObjs);FileIrnAll#
Irn constant to specify all files in the namespace. The value is filesvc:file:*
FileSvc#
ItemSvc FileSvc used in Irn.
getAiPermissions#
Gets permissions for AISvc resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria object with the properties and values you want to filter your search. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<Page<Permission>> - A Page object with the Permission objects you want.
getDatasourcePermissions#
Gets permissions for Datasource Service resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria object with the properties and values you want to filter your search. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Page<Permission> - A Page object with the Permission objects you want.
const criteria = { _namespace: "ProjA_HEpftR8X" _resourceDesc._irn: "datasourcesvc:orchestrator:7600fe2a-5044-11ed-bdc3-0242ac120002" };
const permissions = IafPermission.getDatasourcePermissions(criteria);getFilePermissions#
Gets permissions for File Service resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria JSON object with the properties and value you want to filter the search |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage |
Promise<Page<Permission>> - A Promise object with a Page object that contains the Permission objects that match your criteria.
const criteria = { _namespace: "ProjA_HEpftR8X", _resourceDesc._irn: "filesvc:file:7600fe2a-5044-11ed-bdc3-0242ac120002" };
const permissions = IafPermission.getFilePermissions(criteria);getGraphicsPermissions#
Retrieves permissions for Graphics resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Filter object to query permissions. |
| ctx | Yes | Ctx | Authorization context. |
Page<Permission> -
const criteria = { _namespace: "ProjX_ExampleNamespace", "_resourceDesc._irn": "graphicssvc:graphicsdata:some-resource-id"};
const permissions = IafPermission.getGraphicsPermissions(criteria, ctx);getItemPermissions#
Gets permissions for Item Service resources, such as NamedUserItem, NamedUserCollections, NamedCompositeItem, Script, and UserConfig classes objects.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria object with the properties and values you want to filter the search. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage |
any - Page - A Page object with the Permission objects you want
const criteria = { _namespace: project._namespaces[0] _resourceDesc._irn: "itemsvc:nameduseritem:5cee7fef6505d6286dbca46a" };
const permissions = IafPermission.getItemPermissions(criteria);getObjectModelPermissions#
Gets permissions for Object Model API Service resources, such as ApiConfigDef.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria object with the properties and values you want to filter your search. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Page<Permission> - A Page object with the Permission object you want.
const criteria = { _resourceDesc._irn: "objectmodelsvc: apiconfigdef:600fe2a-5044-11ed-bdc3-0242ac120002", _namespace: userGroupA._namespaces[0] };
const objectModelPermissions = getObjectModelPermissions(criteria);getPassPermissions#
Gets permissions for Passport Service resources, such as Workspace, UserGroup, or Application class resource types.
| Parameter | Required | Type | Description |
|---|---|---|---|
| criteria | Yes | PermissionCriteria | Pass a PermissionCriteria object with the properties and values you want to filter your search. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<Page<Permission>> - A Page object with the Permission objects you want
cosnt criteria = { _namespace: "ProjA_HEpftR8X", _resourceDesc._irn: "passportsvc:workspace:7600fe2a-5044-11ed-bdc3-0242ac120002" };const permissions = IafPermission.getPassPermissions(criteria);GraphicsDataIrnAll#
Irn constant to specify all graphics data in the namespace. The value is graphicssvc:graphicsdata:*
GraphicsSvc#
GraphicsSvc used in Irn.
hasAccess#
A utility function that checks if any permission action in a PermissionOperation object is true.
| Parameter | Required | Type | Description |
|---|---|---|---|
| operations | Yes | PermissionOperation | Pass a PermissionOperation object you want to check for access permissions. |
boolean - Returns true if at least one action can perform.
ItemSvc#
ItemSvc constant used in Irn.
NamedUserItemIrnAll#
Irn constant to specify all named user items in the namespace. The value is itemsvc:nameduseritem:*
ObjectModelSvc#
ObjectModelSvc constant used in Irn.
ObjectModelSvcIrnAll#
Irn constant to specify all apiConfigs in the namespace. The value is objectmodelsvc:apiconfigdef:*
OrchestratorIrnAll#
Irn constant to specify all orechestrators in the namespace. The value is datasourcesvc:orchestrator:*
PassportSvc#
PassportSvc constant used in Irn.
PermConst#
PermConst has valid constants for _actions and _user._type fields in Permission object
Resources#
Valid resource type constants on which permissions are created, which are used in irn.
// To construct IRN value,let userGroupId = 'e56fc1ca-fbc3-11e9-8f0b-362b9e155667';let irn = IafPermission.Resources.UserGroup.Irn+userGroupId; // passportsvc:usergroup:e56fc1ca-fbc3-11e9-8f0b-362b9e155667updateAiPermissions#
Updates permissions for AISvc resources. If a permission you pass doesn't exist, the method creates the permission.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with your updates. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
updateDatasourcePermissions#
Updates permissions for Datasource Service Orchestrator resource. If a permission you pass doesn't exist, the method creates the permission. To identify if a permission exists, the method checks the following Permission object property values: _resourceDesc, _namespace, and _user.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to update. |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
const response = updateDatasourcePermissions(permissions, ctx);updateFilePermissions#
Updates permissions for File Service resources. Note: If a permission you pass doesn't exist, the method creates the permission. To identify if a permission exists, the method checks the following Permission object property values: "_resourceDesc", "_namespace", and "_user".
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to update |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
const permissions = [ { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjA_HEpftR8X", _resourceDesc: { _irn: "filesvc:file:*" }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }, { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjB_TEterY8X", _resourceDesc:{ _irn: "filesvc:file:*" }, _user: { _id: "87b9a9d6-a5e4-357d-95dc-37654bc9a987", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id } }];
const response = IafPermission.updateItemPermissions(permissions);updateGraphicsPermissions#
Updates (or creates) permissions for Graphics resources.
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Permissions to update or insert. |
| ctx | Yes | Ctx | Authorization context. |
const result = IafPermission.updateGraphicsPermissions(permissions, ctx);updateItemPermissions#
Updates Permission class objects for Item Service resources, such as NamedUserItem, NamedUserCollections, NamedCompositeItem, Script, and UserConfig classes objects. If a permission you pass doesn't exist, the method creates the permission. To identify if a permission exists, the method checks the following Permission object property values:"_resourceDesc", "_namespace", and "_user".
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of your updated Permission objects |
| ctx | No | Ctx | Context, such as authorization token requirements, namespaces, or session storage |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
let permissions = [ { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "itemsvc:nameduseritems:63246b6cc6b43b33ef3d5e2a" }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }, { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjB_TEterY8X", _resourceDesc:{ _irn: "itemsvc:nameduseritems:95872b6cc6b97b36ef9d5e1a" }, _user:{ _id: "87b9a9d6-a5e4-357d-95dc-37654bc9a987", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id }];
const permResponse = IafPermission.updateItemPermissions(permissions);updateObjectModelPermissions#
Updates permissions for an Object Model API Service resource, such as ApiConfigDef. If a permission you pass doesn't exist, the method creates the permission. To identify if a permission exists, the method checks the following Permission object property values: "_resourceDesc", "_namespace", and "_user".
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to update. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
CreatePermissionsResponse - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
permissions.forEach( perm => { perm._namespace = newNamespace;});
const response = updateObjectModelPermissions(permissions, ctx);updatePassPermissions#
Updates permissions for Passport Service resources. If a permission you pass doesn't exist, the method creates the permission. To identify if a permission exists, the method checks the following Permission object property values: "_resourceDesc", "_namespace", and "_user".
| Parameter | Required | Type | Description |
|---|---|---|---|
| permissions | Yes | Array<Permission> | Pass an array of Permission objects with the properties and values you want to update. |
| ctx | Yes | Ctx | Context, such as authorization token requirements, namespaces, or session storage. |
Promise<CreatePermissionsResponse> - A CreatePermissionsResponse object that contains the successful and failed permissions in separate arrays.
const permissions = [ { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjA_HEpftR8X", _resourceDesc:{ _irn: "passportsvc:workspace:fffa0317-6c42-4564-9c36-39b94db2148b" }, _user:{ _id: "75b2a3d6-a3e8-498d-99dc-23538bc9a389", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id } }, { _actions: [ IafPermission.PermConst.Action.Read, IafPermission.PermConst.Action.SHARE, IafPermission.PermConst.Action.Delete, IafPermission.PermConst.Action.EDIT], _namespace: "ProjB_TEterY8X", _resourceDesc:{ _irn: "passportsvc:workspace:fhte4689-6c34-9785-9c36-46b94db9462b" }, _user:{ _id: "87b9a9d6-a5e4-357d-95dc-37654bc9a987", // Either user or usergroup, specify respective _type _type: IafPermission.PermConst.UserType.User // Either user or usergroup, specify respective _id } }];
const updatedPerm = IafPermission.updateItemPermissions(permissions);