Create Permission

POST

api

permissions

Create Permission

curl --request POST \
  --url https://api.example.com/api/v1/permissions \
  --header 'Content-Type: application/json' \
  --data '
{
  "role_id": 123,
  "collection": "<string>",
  "rules": {
    "create": {
      "rule": "<string>",
      "fields": "*"
    },
    "read": {
      "rule": "<string>",
      "fields": "*"
    },
    "update": {
      "rule": "<string>",
      "fields": "*"
    },
    "delete": {
      "rule": "<string>",
      "fields": "*"
    }
  }
}
'

{
  "id": 123,
  "role_id": 123,
  "collection": "<string>",
  "rules": {
    "create": {
      "rule": "<string>",
      "fields": "*"
    },
    "read": {
      "rule": "<string>",
      "fields": "*"
    },
    "update": {
      "rule": "<string>",
      "fields": "*"
    },
    "delete": {
      "rule": "<string>",
      "fields": "*"
    }
  },
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Headers

authorization

string | null

Body

application/json

Request schema for creating a permission.

Attributes: role_id: ID of the role this permission applies to. collection: Collection name (* for all collections). rules: CRUD operation rules.

role_id

integer

required

collection

string

required

rules

PermissionRulesSchema · object

required

Schema for CRUD operation rules.

Each operation is optional - if None, that operation is not permitted.

Attributes: create: Rule for create operations. read: Rule for read operations. update: Rule for update operations. delete: Rule for delete operations.

Show child attributes

Response

Successful Response

Response schema for a permission.

Attributes: id: Permission ID. role_id: Role ID this permission applies to. collection: Collection name. rules: CRUD operation rules. created_at: Timestamp when created. updated_at: Timestamp when last updated.

integer

required

role_id

integer

required

collection

string

required

rules

PermissionRulesSchema · object

required

Schema for CRUD operation rules.

Each operation is optional - if None, that operation is not permitted.

Attributes: create: Rule for create operations. read: Rule for read operations. update: Rule for update operations. delete: Rule for delete operations.

Show child attributes

created_at

string<date-time>

required

updated_at

string<date-time>

required

Get PermissionGet a permission by ID. Only superadmins can view permission details. Args: permission_id: Permission ID. current_user: Authenticated superadmin user. session: Database session. Returns: Permission details.

⌘I

Create Permission

curl --request POST \
  --url https://api.example.com/api/v1/permissions \
  --header 'Content-Type: application/json' \
  --data '
{
  "role_id": 123,
  "collection": "<string>",
  "rules": {
    "create": {
      "rule": "<string>",
      "fields": "*"
    },
    "read": {
      "rule": "<string>",
      "fields": "*"
    },
    "update": {
      "rule": "<string>",
      "fields": "*"
    },
    "delete": {
      "rule": "<string>",
      "fields": "*"
    }
  }
}
'

{
  "id": 123,
  "role_id": 123,
  "collection": "<string>",
  "rules": {
    "create": {
      "rule": "<string>",
      "fields": "*"
    },
    "read": {
      "rule": "<string>",
      "fields": "*"
    },
    "update": {
      "rule": "<string>",
      "fields": "*"
    },
    "delete": {
      "rule": "<string>",
      "fields": "*"
    }
  },
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Overview

Health

Authentication

Collections

Records

Users

Accounts

Invitations

Groups

Permissions

Roles

Macros

Audit Logs

Files

Dashboard

Migrations

Admin

Headers

Body

Response