Skip to content

Rest api to view role permissions [#33917] #33919

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
hassandotcms wants to merge 6 commits into
base: main
Choose a base branch
from
Draft

Rest api to view role permissions [#33917] #33919

hassandotcms wants to merge 6 commits into from
+4,302 −54

Conversation

@hassandotcms
Copy link
Contributor

@hassandotcms hassandotcms commented Nov 25, 2025
edited by github-actions bot
Loading

Proposed Changes

  • Added GET /api/v1/permissions/role/{roleId} endpoint to retrieve all permissions for a role
  • Authorization: admins can view any role, non-admins can only view roles they belong to
  • Added integration tests (6 methods) and Postman tests (5 requests)

Checklist

  • Tests
  • Translations
  • Security Implications Contemplated (add notes if applicable)

Additional Info

** any additional useful context or info **

Screenshots

Original Updated
** original screenshot ** ** updated screenshot **

This PR fixes: #33917

@hassandotcms
modernize(permissions): rest api for get asset permissions (#33835)
0d3efd0 
1. New GET /permissions/{assetId} endpoint - View asset permissions with pagination, supporting all permissionable types (folders, hosts, contentlets, etc.)
2. Permission helper infrastructure - Added AssetPermissionHelper for building responses and ResponseEntityAssetPermissionsView for typed API responses, integrated via CDI
3. Documentation and tests - OpenAPI spec updates and comprehensive Postman test suite covering happy paths, pagination, validation, and error cases
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33912-rest…
66a71c4 
…-api-to-update-asset-permissions
@hassandotcms
modernize(permissions): rest api to update asset permission (#33912)
eb4c95b 
- PUT /api/v1/permissions/{assetId} - REST endpoint to save/update asset permissions (admin-only)
- Auto-breaks inheritance when saving on inheriting asset, supports ?cascade=true for async propagation
- Returns message, permissionCount, inheritanceBroken, and updated asset object
@hassandotcms
modernize(permissions): api to reset asset permission (#33914)
23eb435 
- Reset API: PUT /api/v1/permissions/{assetId}/_reset removes individual permissions, making asset inherit from parent
- Idempotency: Returns 409 Conflict if asset already inherits; includes previousPermissionCount in response
- Admin-only: Restricted to admin users for safety
@hassandotcms
Merge branch '33914-rest-api-to-reset-permissions-for-an-asset' into …
5c7cc1e 
…33917-rest-api-to-view-role-permissions
@hassandotcms
modernize(permissions): rest api to get role permissions #33917
907d764 
 - Added GET /api/v1/permissions/role/{roleId} endpoint to retrieve all permissions for a role
 - Authorization: admins can view any role, non-admins can only view roles they belong to
 - Added integration tests (6 methods) and Postman tests (5 requests)
@hassandotcms hassandotcms linked an issue Nov 25, 2025 that may be closed by this pull request
[TASK] Rest API to view role permissions #33917
Open
@github-actions github-actions bot mentioned this pull request Nov 25, 2025
Open
@github-actions
Copy link

github-actions bot commented Dec 26, 2025

This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

@github-actions github-actions bot added the stale label Dec 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

stale

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[TASK] Rest API to view role permissions

2 participants

@hassandotcms