Security

Security resources represent the permissions, privacy, and roles that manage security for pages, users, files, and other resources.

Further details regarding the management of security, permissions, privacy, and roles can be found in content and site administration topics:

Security Types

Page Security 

<security href="https://{hostname}/@api/deki/pages/{pageid}/security">
    {permissions.effective}
    {permissions.page}        
    <grants>
        <grant>
            {permissions}
            <date.modified>{date.modified}</date.modified>
            {user.modifiedby}
            
            <!-- group is available if a group has been assigned a role on the resource managed by this security node -->
            {group}
           
            <!-- user is available if a user has been assigned a role on the resource managed by this security node -->
            {user}
        </grant>
        
        <!-- multiple user or group permissions (grant nodes) are supported -->
        ...
    </grants>
    {permissions.revoked}
</security>

Permissions

<permissions>
    <operations mask="{mask}">{operations}</operations>
    
    <!-- restriction is available if permissions are calculated by page privacy -->
    <restriction id="{restriction/@id}">{restriction}</restriction>
    
    <!-- role is available if permissions are calculated by assigning a role to a user or group on the resource -->
    <role id="{role/@id}" href="https://{hostname}/@api/deki/site/roles/{role/@id}">{role}</role>
</permissions>

Security Data

Name Type Description
{hostname} string The Expert site hostname
{pageid} int Local page id - if the page is exported and imported into a different Expert site, a new local page id will be assigned
{permissions.effective} Permissions The effective permissions, computed from the page, user, and group permissions
{permissions.page} Permissions The page permissions, computed from the assigned restriction (page privacy)
{permissions} Permissions User and group permissions, computed from roles assigned to users and groups on the resource
{mask} long The operations that are allowed or revoked, represented by a sequence of bits
{operations} string The operations that are allowed or revoked
{restriction/@id} int The restriction (page privacy) id
{restriction} {Public, Private, Semi-Public, Semi-Private} The restriction (page privacy) type
{role/@id} int The role id
{role} string The role name
{date.modified} datetime ISO 8601 representation of the last security modification timestamp
{user} User The user that is assigned a role on the resource
{group} Group The group that is assigned a role on the resource