Oracle Content and Experience has a REST API endpoint for setting Permissions or various objects like ContentTypes and Repositories. You can use this endpoint to add or revoke permissions.
To invoke the API you need to send a POST request to https://host.cec.ocp.oraclecloud.com/content/management/api/v1.1/permissionOperations?links=none
As with any POST operation, you have to send a body. The body has to be an JSON document. Therefore, you have to set the Content-Type
header to application/json
.
The API body is simple. To add or change permissions, send a body with this structure.
{
"operations": {
"share": {
"resource": {
"id": "0E59C237D0054270885122215E6567D0",
"name": "Article",
"type": "type"
},
"roles": [
{
"name": "contributor",
"users": [
{
"name": "EDITORS",
"type": "group",
"groupType": "CEC"
}
]
}
]
}
}
}
With curl the request will look like this:
curl --location --request POST 'https://host.cec.ocp.oraclecloud.com/content/management/api/v1.1/permissionOperations?links=none' \
--header 'X-Requested-With: XMLHttpRequest' \
--header 'Content-Type: application/json' \
--user <user:secret> \
--data-raw '{
"operations": {
"share": {
"resource": {
"id": "0E59C237D0054270885122215E6567D0",
"name": "Article",
"type": "type"
},
"roles": [
{
"name": "contributor",
"users": [
{
"name": "EDITORS",
"type": "group",
"groupType": "CEC"
}
]
}
]
}
}
}'
In the JSON body, the operation can be "share"
or "unshare"
. Unshare is used to remove a user or group as a member.
There are 3 types of Content-as-a-Service objects that can have members and thus permissions. The "type"
field under "resource"
can have these values.
Resource | Type |
---|---|
ContentType | type |
Repository | repository |
Channels | channel |
The "roles"
can have "name"
of “manager”, “contributor” or “viewer”.
The objects in the array for the "users"
field can have a type of “group” or “user” . If is is of type group, the "groupType"
can be of “IDP” for an IDCS managed group or “CEC” for an Oracle Content and Experienced managed group.
The body for an unshare operation has this structure:
{
"operations": {
"unshare": {
"resource": {
"id": "E876FBCC753246E7AEF86BD20A6060FC",
"name": "MyRepo",
"type": "repository"
},
"users": [{ "name": "MyGroup", "type": "group", "groupType": "IDP" }]
}
}
}
When you share a resource for the first time with a group, you can add an additional message, that can be send out as an email to the user or group members.
{
"operations": {
"share": {
"resource": {
"id": "E876FBCC753246E7AEF86BD20A6060FC",
"name": "MyRepo",
"type": "repository"
},
"roles": [
{
"name": "contributor",
"message": "I added you as a member to repository \"MyRepo.\" It should appear in your list when you sign in to Oracle Content and Experience.",
"users": [
{ "name": "MyGroup", "type": "group", "groupType": "IDP" }
]
}
]
}
}
}
Previous Post