Update Catalog ACL (Preview)

oracle_analytics-update_catalog_acl

Input Schema
{
  "$schema": "https://json-schema.org/draft/2020-12/schema",
  "type": "object",
  "properties": {
    "aclList": {
      "type": "array",
      "items": {
        "type": "object",
        "properties": {
          "accountDisplayName": {
            "type": "string"
          },
          "accountGuid": {
            "type": "string"
          },
          "accountType": {
            "type": "string"
          },
          "permissions": {
            "type": "object",
            "properties": {
              "changePermission": {
                "type": "boolean"
              },
              "delete": {
                "type": "boolean"
              },
              "execute": {
                "type": "boolean"
              },
              "list": {
                "type": "boolean"
              },
              "read": {
                "type": "boolean"
              },
              "takeOwnership": {
                "type": "boolean"
              },
              "write": {
                "type": "boolean"
              }
            }
          }
        }
      }
    },
    "id": {
      "type": "string"
    },
    "recursive": {
      "type": "boolean"
    },
    "type": {
      "type": "string"
    },
    "updateMode": {
      "type": "string"
    },
    "userApproved": {
      "type": "boolean"
    }
  }
}

Updates catalog item permissions.

This is a modification tool and requires approval. ACL changes can expose sensitive data or remove access, so confirm the target item and all permission changes before calling it.

Important Parameters
Parameter Type Notes
type string Catalog item type.
id string Catalog item ID.
aclList object[] ACL entries to apply.
updateMode string ReplaceAll, ReplaceMatchingAccounts, or DeleteMatchingAccounts.
recursive boolean Applies to folders.
userApproved boolean Must be true or confirmed through approval.

ACL Entry Shape
{
  "accountDisplayName": "Analytics Authors",
  "accountGuid": "optional-guid",
  "accountType": "group",
  "permissions": {
    "read": true,
    "write": true,
    "delete": false,
    "list": true,
    "execute": true,
    "changePermission": false,
    "takeOwnership": false
  }
}

Example
{
  "jsonrpc": "2.0",
  "id": 110,
  "method": "tools/call",
  "params": {
    "name": "oracle_analytics-update_catalog_acl",
    "arguments": {
      "type": "workbooks",
      "id": "base64url-workbook-id",
      "updateMode": "ReplaceMatchingAccounts",
      "aclList": [
        {
          "accountDisplayName": "Analytics Authors",
          "accountType": "group",
          "permissions": {
            "read": true,
            "write": true,
            "list": true,
            "execute": true,
            "delete": false,
            "changePermission": false,
            "takeOwnership": false
          }
        }
      ],
      "userApproved": true
    }
  }
}

Use Cases
  • Grant a group read access to a generated workbook.
  • Replace permissions for known accounts.
  • Remove matching ACL entries by account.
  • Apply permissions recursively to a folder tree.