List ACL by User and Role
Overview
This operation returns all of the permissions for all named resources for specified lists of users and roles. The response contains the named resources and respective permissions applied to them.
- For named tables, the permissions can be EXECUTE, CREATE, MODIFY, or DELETE
- For repository folders, the permissions can be READ or WRITE
- For other names resources, the permissions can be EXECUTE
ACL Authorization Flow
The user making this request will only be able to list permissions on resources within the repository folders (or subfolders) on which they have WRITE permissions.
HTTP POST URL Format
The following format is used for HTTP POST requests:
HTTP POST: /acl/users-roles
POST DATA: {
"users":[
"user1"
],
"roles":[
"role1"
],
"resourceType":[
"NamedTile"
]
}
POST HEADER: Content-Type:application/json
The optional resourceType parameter specifies the type of name resource to filter the response. This can be one or more of NamedTable, NamedFeatureLayer, NamedLabelLayer, NamedGroupLayer, NamedPieLayer, NamedBarLayer, NamedGraduatedSymbolLayer, NamedLineChartLayer, NamedLineLinkageLayer, NamedFeatureLabelSource, NamedMapAndView, NamedTile, NamedWMTSLayer, or RepositoryFolder.
Returns
Returns permissions for all resources for each of the specified users or roles.
Example for POST
Request URL
http://<server>:<port>/rest/Spatial/AccessControlService/acl/users-roles
Request Body
{ "users":[ "user1" ], "roles":[ "role1" ], "resourceType":[ "NamedTile" ] }
Response
{ "usersRolesAclList":[ { "usersACL":[ { "name":"user1", "resources":[ { "name":"/Samples/NamedTiles/WorldTile", "permissions":[ "EXECUTE" ], "resourceType":"NamedTile" } ] } ], "rolesACL":[ { "name":"role1", "resources":[ { "name":"/Samples/NamedTiles/WorldTile", "permissions":[ "EXECUTE" ], "resourceType":"NamedTile" } ] } ] } ] }