Personal tools
You are here: Home CinnamonServer API Permissions
Log in


Forgot your password?
 

Permissions

An overview of which permissions are required by individual commands

The permissions listed refer to the name of the constants in the class server.Permission.

Commands which requre no permissions

  • clearIndex
  • clearMessage
  • createRelation
  • connect
  • createWorkflow
  • deleteRelation
  • disconnect
  • executeXmlQuery ( to view objects, you need: BROWSE_OBJECT )
  • getAclEntry
  • getAcls
  • getExtension
  • getFolderTypes
  • getFormats
  • getGroupsOfUser
  • getIndexGroup
  • getObjectTypes
  • getPermission
  • getRelations
  • getRelationTypes
  • getUser
  • getUserByName
  • getUsers
  • getUsersAcls
  • getUsersPermissions
  • getWorkflowTemplateList
  • initializeDatabase ( can be called by anybody as long as there are no user accounts in the database)
  • listAclEntries
  • listAclMembers
  • listGroups
  • listIndexGroups
  • listIndexItems
  • listLanguages
  • listMessages
  • listPermissions
  • readMesssage
  • reindex

 

Commands that require Superuser permissions

  • AddGroupToAcl
  • AddPermissionToAclEntry
  • AddUserToGroup
  • createAcl
  • createFolderType
  • createFormat
  • createGroup
  • createObjectType
  • createPermission
  • createRelationType
  • createUser
  • deleteAcl
  • deleteFolderType
  • deleteFormat
  • deleteGroup
  • deleteObjectType
  • deletePermission
  • deleteRelationType
  • deleteUser
  • editAcl
  • removeGroupFromAcl
  • removePermissionFromAcl
  • removeUserFromGroup

 

Commands that require permissions

  • copy
    READ_OBJECT_CONTENT
    READ_OBJECT_CUSTOM_METADATA
    READ_OBJECT_SYS_METADATA
    CREATE_OBJECT
  • create
    CREATE_OBJECT
  • createFolder
    CREATE_FOLDER
  • delete
    DELETE_OBJECT
  • deleteFolder
    DELETE_FOLDER
  • getContent
    READ_OBJECT_CONTENT
  • getFolder
    BROWSE_FOLDER
  • getFolderByPath
    BROWSE_FOLDER (for each individual folder in the path, else this folder will be filtered)
  • getFolderMeta
    READ_OBJECT_CUSTOM_METADATA
  • getMeta
    READ_OBJECT_CUSTOM_METADATA
  • getObject
    BROWSE_OBJECT
  • getObjects
    BROWSE_OBJECT
  • getObjectsById
    BROWSE_OBJECT
  • getObjectsWithCustomMetadata
    READ_OBJECT_CUSTOM_METADATA
    BROWSE_OBJECT
  • getSubfolders
    BROWSE_FOLDER for each subfolder
  • getSysMeta
    READ_OBJECT_SYS_META or BROWSE_FOLDER, depending on type
  • lock
    LOCK
  • queryCustomTable
    QUERY_CUSTOM_TABLE
  • queryFolders
    BROWSE_FOLDER
  • queryObjects
    BROWSE_OBJECT
  • search
    BROWSE_OBJECT or BROWSE_FOLDER (tested for each item found)
  • searchFolders
    BROWSE_FOLDER (tested for each folder found)
  • searchObjects
    BROWSE_OBJECT (tested for each object found)
  • setContent
    WRITE_OBJECT_CONTENT
  • setMeta
    WRITE_OBJECT_CUSTOM_METADATA
  • setSysMeta
    LOCK and one of (WRITE_OBJECT_SYS_METADATA or  EDIT_FOLDER)
    with parameter aclId: SET_ACL instead of WRITE_OBJECT_SYS_METADATA
    with parameter parent_id: MOVE instead of WRITE_OBJECT_SYS_METADATA
Document Actions