Retrieve page security info
Name | Type | Description |
pageid | string | either an integer page ID, "home", or "=" followed by a double uri-encoded page path |
Name | Type | Description |
export | bool? | Exclude site specific information (default: false) |
authenticate | bool? | Force authentication for request (default: false) |
redirects | int? | If zero, do not follow page redirects. |
Name | Value | Description |
OK | 200 | The request completed successfully |
Bad Request | 400 | Invalid input parameter or request body |
Forbidden | 403 | Browse access to the page is required |
Not Found | 404 | Requested page could not be found |
Output:
<security href="{uri}"> <permissions.effective> <operations mask="{int}">{text}</operations> </permissions.effective> <permissions.page> <operations mask="{int}">{text}</operations> <restriction>{text}</restriction> </permissions.page> <grants> <grant> <permissions> <operations mask="{int}">{text}</operations> <role id="{int}" href="{uri}">{text}</role> </permissions> <user id="{int}" href="{uri}"> <nick>{text}</nick> <username>{text}</username> <email>{text}</email> </user> <date.expires>{date}</date.expires> <date.modified>{date}</date.modified> <user.modifiedby id="{int}" href="{uri}"> <nick>{text}</nick> <username>{text}</username> <email>{text}</email> </user.modifiedby> </grant> <grant> <permissions> <operations mask="{int}">{text}</operations> <role id="{int}" href="{uri}">{text}</role> </permissions> <group id="{int}" href="{uri}"> <name>{text}</name> </group> <date.expires>{date}</date.expires> <date.modified>{date}</date.modified> <user.modifiedby id="{int}" href="{uri}"> <nick>{text}</nick> <username>{text}</username> <email>{text}</email> </user.modifiedby> </grant> ... </grants> </security>
the permissions.page element indicates if there is a restriction on the page. The grants section indicates permissions that have been granted to particular users or groups. The permissions.effective element describes the page permissions effective for the current caller, which takes both page restriction and grants into account.
Currently defined page restrictions are:
The following code example retrieves the security info of the home page for the anonymous user:
Plug p = Plug.New("http://deki-hayes/@api/deki"); p.At("pages", "home", "security").Get();
Sample response indicating that a page restriction and grants have not been set on the home page. The anonymous user can read the page, but not modify it:
<security href="http://deki-hayes/@api/deki/pages/29/security"> <permissions.effective> <operations mask="15">LOGIN,BROWSE,READ,SUBSCRIBE</operations> </permissions.effective> <permissions.page> <operations mask="0"></operations> </permissions.page> <grants /> </security>
The following command retrieves security information associated with page "foo":
curl -u username:password -i http://mindtouch.address/@api/deki/pages/=foo/security
A response of a page with no security settings associated with it. The <permissions.effective> element contains the permissions of the user making the request.
Content-Type: application/xml
<security href="http://192.168.59.128/@api/deki/pages/21/security"> <permissions.effective> <operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations> </permissions.effective> <permissions.page> <operations mask="0"/> </permissions.page> <grants/> </security>