Skip to main content

Content Service REST Permission Management

Currently, only the following connectors are supported.

SharePoint REST

Box

FileNet

DocuShare

Documentum

CMIS

(Added in 3.1.1)

MSGraph SharePoint

Amazon S3

Google Drive

The following are the general form of these calls, using CMIS as an example. For specifics on permissions, please refer to the Content Service Connector page for your repository.

GET ACLS

Request:

GET /api/repo/<connectorid>/acls?id=<id>

Description:

  • Retrieves a list of in the format of

    ["principalID:permission1,permissions2",..... ]

Path Parameters:

connectorid : The connector id of your content service connector

Query Parameters:

id: The repository id of the item

Example:

GET /api/repo/cmis/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539

Returns

 {
"results": [
"user@alfresco.com:cmis:all"
],
"success": true
}

Example With CURL

curl -u admin:admin "localhost:8081/simflofy-admin/api/repo/fn/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539" | json_pp`

POST ACLS

Request:

POST /api/repo/<connectorid>/acls?id=<id>

Description:

  • Adds a principal to an object with the specified permissions. If the object exists, replace its permissions with those supplied.

Path Parameters:

connectorid : The connector id of your content service connector

Query Parameters:

id: The repository id of the item.

Request Body:

A JSON in the format of

{
"principal1": "permission1,permission2",
"principal2": "permission2"
}

Example:

POST /api/repo/cmis/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539

with the body

{
"newuser2@alfresco.com": "cmis:read",
"newuser@alfresco.com": "cmis:read,cmis:write"
}

Returns

{
"results": [
"user@alfresco.com:cmis:all",
"newuser@alfresco.com:cmis:read,cmis:write",
"newuser2@alfresco.com:cmis:read"
],
"success": true
}

Example With CURL

curl -u admin:admin -X POST "localhost:8081/simflofy-admin/api/repo/fn/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539"
-d '{"newuser2@alfresco.com": "cmis:read","newuser@alfresco.com": "cmis:read,cmis:write"}'
| json_pp

DELETE ACLS

Request:

DELETE /api/repo/<connectorid>/acls?id=<id>&acls=<acls>

Description:

  • Remove a principle from an object.

Path Parameters:

connectorid : The connector id of your content service connector

Query Parameters:

id: The repository id of the item.

aclId: a comma delimited link of principal IDs to remove from the target document.

Example:

DELETE /api/repo/cmis/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539&aclId=newuser@alfresco.com,newuser2@alfresco.com

Returns

{
"success": true,
"results": "newuser@alfresco.com,newuser2@alfresco.com"
}

And the following GET call should return:

{
"results": [
"user@alfresco.com:cmis:all"
],
"success": true
}

Example With CURL

curl -u admin:admin -X DELETE "localhost:8081/simflofy-admin/api/repo/fn/acls?id=5dba1525-44a6-45ed-a42e-4a155a3f0539&aclId=newuser@alfresco.com,newuser2@alfresco.com"| json_pp