List ACL by User and Role

Overview

This operation returns all of the permissions for all named resources for specified lists of users and roles. The response contains the named resources and respective permissions applied to them.

  • For named tables, the permissions can be EXECUTE, CREATE, MODIFY, or DELETE
  • For repository folders, the permissions can be READ or WRITE
  • For other names resources, the permissions can be EXECUTE

ACL Authorization Flow

The user making this request will only be able to list permissions on resources within the repository folders (or subfolders) on which they have WRITE permissions.

HTTP POST URL Format

The following format is used for HTTP POST requests:

HTTP POST: /acl/users-roles
POST DATA: {
   "users":[
      "user1"
   ],
   "roles":[
      "role1"
   ],
   "resourceType":[
      "NamedTile"
   ]
}
POST HEADER: Content-Type:application/json

The optional resourceType parameter specifies the type of name resource to filter the response. This can be one or more of NamedTable, NamedFeatureLayer, NamedLabelLayer, NamedGroupLayer, NamedPieLayer, NamedBarLayer, NamedGraduatedSymbolLayer, NamedLineChartLayer, NamedLineLinkageLayer, NamedFeatureLabelSource, NamedMapAndView, NamedTile, NamedWMTSLayer, or RepositoryFolder.

Returns

Returns permissions for all resources for each of the specified users or roles.

Example for POST

Request URL

http://<server>:<port>/rest/Spatial/AccessControlService/acl/users-roles

Request Body

{
   "users":[
      "user1"
   ],
   "roles":[
      "role1"
   ],
   "resourceType":[
      "NamedTile"
   ]
}

Response

{
   "usersRolesAclList":[
      {
         "usersACL":[
            {
               "name":"user1",
               "resources":[
                  {
                     "name":"/Samples/NamedTiles/WorldTile",
                     "permissions":[
                        "EXECUTE"
                     ],
                     "resourceType":"NamedTile"
                  }
               ]
            }
         ],
         "rolesACL":[
            {
               "name":"role1",
               "resources":[
                  {
                     "name":"/Samples/NamedTiles/WorldTile",
                     "permissions":[
                        "EXECUTE"
                     ],
                     "resourceType":"NamedTile"
                  }
               ]
            }
         ]
      }
   ]
}