One easy way of settting permissions for Oracle Content and Experience with the REST API
March 23, 2020 | 2 minute readSetting permissions with the REST API
Oracle Content and Experience has a REST API endpoint for setting Permissions or various objects like ContentTypes and Repositories. You can use this endpoint to add or revoke permissions.
To invoke the API you need to send a POST request to https://host.cec.ocp.oraclecloud.com/content/management/api/v1.1/permissionOperations?links=none
As with any POST operation, you have to send a body. The body has to be an JSON document. Therefore, you have to set the Content-Type header to application/json.
The API body is simple. To add or change permissions, send a body with this structure.
{
"operations": {
"share": {
"resource": {
"id": "0E59C237D0054270885122215E6567D0",
"name": "Article",
"type": "type"
},
"roles": [
{
"name": "contributor",
"users": [
{
"name": "EDITORS",
"type": "group",
"groupType": "CEC"
}
]
}
]
}
}
}
With curl
With curl the request will look like this:
curl --location --request POST 'https://host.cec.ocp.oraclecloud.com/content/management/api/v1.1/permissionOperations?links=none' \
--header 'X-Requested-With: XMLHttpRequest' \
--header 'Content-Type: application/json' \
--user <user:secret> \
--data-raw '{
"operations": {
"share": {
"resource": {
"id": "0E59C237D0054270885122215E6567D0",
"name": "Article",
"type": "type"
},
"roles": [
{
"name": "contributor",
"users": [
{
"name": "EDITORS",
"type": "group",
"groupType": "CEC"
}
]
}
]
}
}
}'Operations
In the JSON body, the operation can be "share" or "unshare". Unshare is used to remove a user or group as a member.
Resource types
There are 3 types of Content-as-a-Service objects that can have members and thus permissions. The "type" field under "resource" can have these values.
| Resource | Type |
|---|---|
| ContentType | type |
| Repository | repository |
| Channels | channel |
Roles
The "roles" can have "name" of “manager”, “contributor” or “viewer”.
Groups or individual user
The objects in the array for the "users" field can have a type of “group” or “user” . If is is of type group, the "groupType" can be of “IDP” for an IDCS managed group or “CEC” for an Oracle Content and Experienced managed group.
Unsharing
The body for an unshare operation has this structure:
{
"operations": {
"unshare": {
"resource": {
"id": "E876FBCC753246E7AEF86BD20A6060FC",
"name": "MyRepo",
"type": "repository"
},
"users": [{ "name": "MyGroup", "type": "group", "groupType": "IDP" }]
}
}
}Sharing for the first time
When you share a resource for the first time with a group, you can add an additional message, that can be send out as an email to the user or group members.
{
"operations": {
"share": {
"resource": {
"id": "E876FBCC753246E7AEF86BD20A6060FC",
"name": "MyRepo",
"type": "repository"
},
"roles": [
{
"name": "contributor",
"message": "I added you as a member to repository \"MyRepo.\" It should appear in your list when you sign in to Oracle Content and Experience.",
"users": [
{ "name": "MyGroup", "type": "group", "groupType": "IDP" }
]
}
]
}
}
}Dolf Dijkstra
Cloud Solutions Architect
Previous Post