Previous
Next


Setting Permissions  Locate

This section describes the configuration of permissions. The setting of permissions is written from the administrator's point of view.

There are three basic ways to set permissions for a user:

The PermissionApi contains several methods for managing permissions. These methods are described below:

get_permission

Used for obtaining all of a user's permissions. A user possessing the ApiManagerPermission can obtain permissions of other users. A user with only ApiUserPermission, can only discover his or her own permissions.

Note that users who have neither ApiUserPermission nor ApiManagerPermission for a method on PermissionApi, cannot call this method.

set_permission

Provides users the ability to set permissions for other users. It is necessary to possess ApiManagerPermission for this call.

get_permissionDetail

Similar to get_permission, this method can be called for more than one user at a time.

get_permission takes a principal as the input parameter. On the other hand, get_permissionDetail takes an array of principals as the input parameter. If you want to find out the permissions of three users, you can call get_permission three times or you can call get_permissionDetail once.

who_hasPermission

Enables a user to find out who owns a given permission.

[Important]Important

It is not recommended to change permissions directly in the configuration file. However, if the administrator wants to change default permissions for new users (meaning changing permissions for the group system#everyone), there is no other possibility. Before making any changes to these permissions, we strongly recommend making a reserve copy of the configuration. The permissions for special users or groups are stored in the file permission_list.xml.



Previous
Next