List Dataset Permissions

Overview

This operation returns the permissions on a named table for the user (or their roles). It takes the full path of one or more named tables for which the user wants to list permissions. Permissions can be EXECUTE, CREATE, MODIFY, or DELETE.

The returned permissions include those granted directly to the user or any of their roles. The EXECUTE permissions can also be inherited from permissions that a user or their roles have on parent folders.

The following business rules can help you understand a particular response:

  • If the permissions are empty for the resource, there can be one or more reasons including:
    • The user does not have an EXECUTE permission on a named table
    • A different resource type is specified
    • A non-existent resource is specified
  • If table list is omitted, then all the named tables that the specified user token has EXECUTE, CREATE, MODIFY or DELETE permission on are returned
  • If the user has no permissions on any tables, an empty response is returned

ACL Authorization Flow

The user making this request will get permissions only on those resources on which user has at least EXECUTE permission.

HTTP GET URL Format

The following format is used for HTTP GET request for all tables:

HTTP GET http://<server>:<port>/rest/Spatial/AccessControlService/permissions/tables

The following format is used for HTTP GET request for the specified table:

HTTP GET http://<server>:<port>/rest/Spatial/AccessControlService/permissions/tables/namedTablePath

Parameters

Parameter Type Required Description
namedTablePath String No Specifies the path of the named table for which the dataset permissions are to be returned.

HTTP POST URL Format

The following format is used for HTTP POST requests:

HTTP POST URL: /permissions/tables
POST BODY: {
   "resources":[
      "/Samples/NamedTables/WorldTable",
      "/Samples/NamedTables/USA"
   ]
}
POST HEADER: Content-Type:application/json

Returns

Returns a list of tables with the permissions a user has.

Example for GET

This example requests all the permissions the user has on the "/Samples/NamedTables/WorldTable".

Request URL

http://<server>:<port>/rest/Spatial/AccessControlService/permissions/tables/Samples/NamedTables/WorldTable

Response

{
   "name":"/Samples/NamedTables/WorldTable",
   "permissions":[
      "EXECUTE",
      "CREATE",
      "MODIFY",
      "DELETE"
   ]
}

Example for POST

This request returns a list of permissions the user has on the tables specified in the request body:

Request URL

http://<server>:<port>/rest/Spatial/AccessControlService/permissions/tables

Request Body

{
   "resources":[
      "/Samples/NamedTables/USA",
      "/Samples/NamedTables/WorldTable"
   ]
}

Response

{
   "resourcePermissions":[
      {
         "name":"/Samples/NamedTables/USA",
         "permissions":[
            "EXECUTE",
            "CREATE",
            "MODIFY",
            "DELETE"
         ]
      },
      {
         "name":"/Samples/NamedTables/WorldTable",
         "permissions":[
            "EXECUTE",
            "CREATE",
            "MODIFY",
            "DELETE"
         ]
      }
   ]
}