Content+Permission REST improvements #22993

wezell · 2022-09-14T18:29:12Z

Make the permissions work on every action

I found some details using System Workflow and this endpoint PUT localhost:8080/api/v1/workflow/actions/fire:

The endpoint only works with Publish action.
This works:

{
    "actionName": "publish",
    "comments": "publish content",
    "contentlet": {
      "contentType":"MyType",
      "title": "Content 1",
      "identifier": "db982967e39ffaf6262f00be12679728"
    },
    "individualPermissions": {
          "EDIT_PERMISSIONS":["02ae46fa-cb67-4ed8-82d5-f1f9a5e1d744"],
          "CAN_ADD_CHILDREN": ["e37accbd-6a67-4ff4-adfe-cff423030a0b"],
          "READ": ["9ad24203-ae6a-4e5e-aa10-a8c38fd11f17"],
          "WRITE":["b9236d3a-41d4-4efd-a695-cb0f758cbf86"],
          "PUBLISH":["d8beb217-1889-40dd-99ad-fbd3cab7c426", "d3e78673-044a-4e1e-a38a-56f48cc6d5a5", "9ad24203-ae6a-4e5e-aa10-a8c38fd11f17"]
    }
}

but the other actions, like Save doesn't work:

{
    "actionName": "save",
    "comments": "save content",
    "contentlet": {
      "contentType":"MyType",
      "title": "Content 1",
      "identifier": "db982967e39ffaf6262f00be12679728"
    },
    "individualPermissions": {
          "EDIT_PERMISSIONS":["02ae46fa-cb67-4ed8-82d5-f1f9a5e1d744"],
          "CAN_ADD_CHILDREN": ["e37accbd-6a67-4ff4-adfe-cff423030a0b"],
          "READ": ["9ad24203-ae6a-4e5e-aa10-a8c38fd11f17"],
          "WRITE":["b9236d3a-41d4-4efd-a695-cb0f758cbf86"],
          "PUBLISH":["d8beb217-1889-40dd-99ad-fbd3cab7c426", "d3e78673-044a-4e1e-a38a-56f48cc6d5a5", "9ad24203-ae6a-4e5e-aa10-a8c38fd11f17"]
    }
}

If one permission fails to save, just write an error and continue with the rest

If I type an invalid roleId, the response is 200 (OK) and all the permissions added after the invalid one are ignored:

{
    "actionName": "publish",
    "comments": "publish content",
    "contentlet": {
      "contentType":"MyType",
      "title": "Content 1",
      "identifier": "db982967e39ffaf6262f00be12679728"
    },
    "individualPermissions": {
          "EDIT_PERMISSIONS":["02ae46fa-cb67-4ed8-82d5-f1f9a5e1d744"],
          "CAN_ADD_CHILDREN": ["e37accbd-6a67-4ff4-adfe-cff423030a0b"],
          "READ": ["dfgdgdfgdfg"], --> Invalid one
          "WRITE":["b9236d3a-41d4-4efd-a695-cb0f758cbf86"], --> Ignored
          "PUBLISH":["d8beb217-1889-40dd-99ad-fbd3cab7c426", "d3e78673-044a-4e1e-a38a-56f48cc6d5a5", "9ad24203-ae6a-4e5e-aa10-a8c38fd11f17"] --> Ignored
    }
}

When passing the roles to permission, allow roles to be specified by Role Key (which for users is a userId) OR Role ID

You should be able to pass either a role's UUID or the Role Key for any role

Follow the Null, Empty Collection, Collection rule of our other dependencies

if the individualPermissions is not specified (null) we should not do anything with permissions
if the individualPermissions is an empty map, we should wipe out all permissions
if the individualPermissions are specified, we replace all the permissions with the new list

Originally posted by @nollymar in #22418 (comment)

The text was updated successfully, but these errors were encountered:

bryanboza · 2022-09-15T20:56:31Z

We need to catch the exception in case you send an incorrect id, we are getting 500 error code instead the 404

The message is ok, but the error code need some work

… next

…ns are better handled on rest

…vior on test

… the same name

jdotcms · 2022-11-09T15:13:22Z

PR

#23272) * #22993 sending the PR again since the previous is having a weird behavior on test * #22993 seems to exists a conflict since an unit test and it test have the same name * #22993 seems to exists a conflict since an unit test and it test have the same name * #22993 fixing an unit test issue * #22993 fixing save draft * #22993 adding fixes for curl test * #22993 adding fixes for curl test * #22993 adding fixes for curl test * #22993 adding fixes for curl test

josemejias11 · 2023-04-13T17:49:59Z

Failed QA - Tested on 23.05_3650a5d0_SNAPSHOT // Docker // macOS 13.0 // FF v111.0

Passing the following test

If I type an invalid roleId, the response is 200 (OK) and all the permissions added after the invalid one are ignored
if the individualPermissions is not specified (null) we should not do anything with permissions
if the individualPermissions is an empty map, we should wipe out all permissions
if the individualPermissions are specified, we replace all the permissions with the new list

bryanboza · 2023-04-13T20:08:59Z

For this issue we are ok with the specific scenarions, we will move the failing case to a new card in order to test the correct response codes in all the resource. #24627

josemejias11 · 2023-04-13T21:37:42Z

Approved QA - Tested on 23.05_3650a5d0_SNAPSHOT // Docker // macOS 13.0 // FF v111.0

Failing test will be addressed in card #24627

wezell added the Team : Scout label Sep 14, 2022

bryanboza mentioned this issue Sep 15, 2022

Update WorkflowAPI to accept a list of permissions with a content submission #22418

Closed

wezell assigned wezell and jdotcms and unassigned wezell Sep 27, 2022

jdotcms added the Release : 22.12 label Sep 29, 2022

jdotcms added a commit that referenced this issue Sep 29, 2022

#22993 adding permissions on save draft

8d6b790

jdotcms added a commit that referenced this issue Sep 30, 2022

#22993 now when permission is wrong, just skips and continue with the…

b02ba85

… next

jdotcms added a commit that referenced this issue Oct 3, 2022

#22993 now supports permissions by role id + user id and the exceptio…

56e2de4

…ns are better handled on rest

jdotcms added a commit that referenced this issue Oct 5, 2022

#22993 adding unit test

9215122

jdotcms added a commit that referenced this issue Oct 5, 2022

#22993 merge master

a3437c7

nollymar mentioned this issue Oct 6, 2022

#22993 adding permissions on save draft #23065

Closed

wezell added QA : Needs Internal dotCMS : Rest API Doc : Needs Doc labels Oct 18, 2022

jdotcms added a commit that referenced this issue Oct 19, 2022

#22993 merging master done

b34c947

jdotcms added a commit that referenced this issue Oct 19, 2022

#22993 adding more it test

30f63e5

jdotcms added a commit that referenced this issue Oct 21, 2022

#22993 adding feedback

32ac492

jdotcms added a commit that referenced this issue Oct 31, 2022

#22993 sending the PR again since the previous is having a weird beha…

3bf5fca

…vior on test

jdotcms added a commit that referenced this issue Nov 2, 2022

#22993 seems to exists a conflict since an unit test and it test have…

f942206

… the same name

jdotcms added a commit that referenced this issue Nov 2, 2022

#22993 seems to exists a conflict since an unit test and it test have…

5939bea

… the same name

jdotcms added a commit that referenced this issue Nov 2, 2022

#22993 fixing an unit test issue

ffc0496

jdotcms added a commit that referenced this issue Nov 15, 2022

#22993 merge master done

2663075

jdotcms added a commit that referenced this issue Nov 21, 2022

#22993 merge master done

86d76d4

jdotcms added a commit that referenced this issue Nov 21, 2022

#22993 merge master done

d3310f6

jdotcms added a commit that referenced this issue Nov 23, 2022

#22993 merge master done again

88eaae0

erickgonzalez added Release : 23.01 and removed Release : 22.12 labels Dec 7, 2022

dsilvam removed the Release : 23.01 label Jan 27, 2023

nollymar added Merged Release : 23.03 labels Feb 21, 2023

nollymar unassigned jdotcms Feb 21, 2023

jdotcms added a commit that referenced this issue Mar 10, 2023

#22993 merge master done

0a5d1a6

jdotcms added a commit that referenced this issue Mar 13, 2023

#22993 fixing save draft

f99d7be

jdotcms added a commit that referenced this issue Mar 13, 2023

#22993 adding fixes for curl test

c739d17

jdotcms added a commit that referenced this issue Mar 14, 2023

#22993 adding fixes for curl test

5a830ba

jdotcms added a commit that referenced this issue Mar 14, 2023

#22993 adding fixes for curl test

3c1c420

jdotcms added a commit that referenced this issue Mar 14, 2023

#22993 adding fixes for curl test

2906e5e

nollymar linked a pull request Mar 14, 2023 that will close this issue

#22993 sending the PR again since the previous is having a weird beha… #23272

Merged

nollymar added QA : Passed Internal Release : 23.05 Needs QA and removed Release : 23.03 labels Mar 20, 2023

dsilvam removed the Needs QA label Mar 21, 2023

nollymar removed the QA : Needs Internal label Mar 27, 2023

josemejias11 added the Needs Work label Apr 13, 2023

bryanboza mentioned this issue Apr 13, 2023

Standardize response codes on fire endpoint in the Workflow API #24627

Closed

josemejias11 added QA : Approved and removed Needs Work labels Apr 13, 2023

nollymar closed this as completed Aug 28, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Content+Permission REST improvements #22993

Content+Permission REST improvements #22993

wezell commented Sep 14, 2022 •

edited

Loading

bryanboza commented Sep 15, 2022

jdotcms commented Nov 9, 2022

josemejias11 commented Apr 13, 2023 •

edited by bryanboza

Loading

bryanboza commented Apr 13, 2023

josemejias11 commented Apr 13, 2023

Content+Permission REST improvements #22993

Content+Permission REST improvements #22993

Comments

wezell commented Sep 14, 2022 • edited Loading

Make the permissions work on every action

If one permission fails to save, just write an error and continue with the rest

When passing the roles to permission, allow roles to be specified by Role Key (which for users is a userId) OR Role ID

Follow the Null, Empty Collection, Collection rule of our other dependencies

bryanboza commented Sep 15, 2022

jdotcms commented Nov 9, 2022

josemejias11 commented Apr 13, 2023 • edited by bryanboza Loading

bryanboza commented Apr 13, 2023

josemejias11 commented Apr 13, 2023

wezell commented Sep 14, 2022 •

edited

Loading

josemejias11 commented Apr 13, 2023 •

edited by bryanboza

Loading