Permissions
This module implements local permissions and adds endpoints for modifying and getting permissions
Default Access Levels
The MMS includes 3 hierarchical levels of permissions in the default implementation. Permissions are inherited from the parent level.
- Organization level
Permissions on this level are inherited by the Project and Branch level by default.
- Project level
Permissions on this level are inherited by the Branch level by default.
- Branch level
Permissions on this level are not inherited.
From these levels, 3 levels of access permissions are provided by default:
- Admin
Can read and write all elements. Can also access admin level operations.
- Write
Can read and write all elements on this level.
- Read
Can read all elements on this level.
Setting Permissions
The Permissions module provides several REST endpoints for managing permissions.
- /orgs/{orgId}/permissions
Update permissions for organizations.
- /projects/{projectId}/permissions
Update permissions for projects.
- /projects/{projectId}/refs/{refId}/permissions
Update permissions for branches.
For each of these endpoints, a payload must be sent with acceptable values
Permissions acceptable values
{
"users / groups": {
"action": "MODIFY / REPLACE / REMOVE",
"permissions": [
{
"name": "USERNAME",
"role": "ADMIN / WRITER / READER"
}
]
},
"inherit": true,
"public": true
}
More Information
For more information, see the OpenAPI Documentation.