can get my permissions (!187) · Merge requests · EIP / Metadata Catalogue

Luke Preston requested to merge get-my-permissions into develop May 15, 2018

Problems

the new API can't interpret the cookies to get the user. the new API can hit ther permission end point but has no idea which permission to filter as it does not know what the username is.

Solution

This is to add the param me=true to the /documents/${id}/permission?format=json&me=true which then only adds your permissions. Assumption, user permissions override public permissions e.g. if public can view, but user can not then user can not view.

This also solves the issue around remote-user permissions because the new API does not know who is a valid or invalid remote-user and as such it does not actually care.

can get my permissions

Merge request reports