docs: dashboard and folder permissions http api

2025-02-25 18:55:37 -06:00 · 2018-02-21 13:09:54 +01:00 · 2018-02-21 13:09:54 +01:00 · 7d89f19f6f
commit 7d89f19f6f
parent b5e96f5ec2
2 changed files with 160 additions and 11 deletions
--- a/docs/sources/http_api/dashboard_permissions.md
+++ b/docs/sources/http_api/dashboard_permissions.md
@ -11,7 +11,7 @@ parent = "http_api"

 # Dashboard Permissions API

-This API can be used to update/get the permissions for a dashboard or a folder.
+This API can be used to update/get the permissions for a dashboard.

 Permissions with `dashboardId=-1` are the default permissions for users with the Viewer and Editor roles. Permissions can be set for a user, a team or a role (Viewer or Editor). Permissions cannot be set for Admins - they always have access to everything.

@ -21,16 +21,16 @@ The permission levels for the permission field:
 - 2 = Edit
 - 4 = Admin

-## Get permissions for a dashboard or folder
+## Get permissions for a dashboard

-`GET /api/dashboards/id/:dashboardId/acl`
+`GET /api/dashboards/id/:dashboardId/permissions`

-Gets all existing permissions for the dashboard or folder with the given `dashboardId`.
+Gets all existing permissions for the dashboard with the given `dashboardId`.

 **Example request**:

 ```http
-GET /api/dashboards/id/1/acl HTTP/1.1
+GET /api/dashboards/id/1/permissions HTTP/1.1
 Accept: application/json
 Content-Type: application/json
 Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
@ -90,18 +90,18 @@ Status Codes:
 - **200** - Ok
 - **401** - Unauthorized
 - **403** - Access denied
- **404** - Dashboard/folder not found
+- **404** - Dashboard not found

-## Update permissions for a dashboard or folder
+## Update permissions for a dashboard

-`POST /api/dashboards/id/:dashboardId/acl`
+`POST /api/dashboards/id/:dashboardId/permissions`

-Updates permissions for a dashboard or folder. This operation will remove existing permissions if they're not included in the request.
+Updates permissions for a dashboard. This operation will remove existing permissions if they're not included in the request.

 **Example request**:

 ```http
-POST /api/dashboards/id/1/acl
+POST /api/dashboards/id/1/permissions
 Accept: application/json
 Content-Type: application/json
 Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
@ -138,7 +138,7 @@ HTTP/1.1 200 OK
 Content-Type: application/json; charset=UTF-8
 Content-Length: 35

-{"message":"Dashboard acl updated"}
+{"message":"Dashboard permissions updated"}
 ```

 Status Codes:
--- a/docs/sources/http_api/folder_permissions.md
+++ b/docs/sources/http_api/folder_permissions.md
@ -0,0 +1,149 @@
+++
+title = "Folder Permissions HTTP API "
+description = "Grafana Folder Permissions HTTP API"
+keywords = ["grafana", "http", "documentation", "api", "folder", "permission", "permissions", "acl"]
+aliases = ["/http_api/dashboardpermissions/"]
+type = "docs"
+[menu.docs]
+name = "Folder Permissions"
+parent = "http_api"
+++
+
+# Folder Permissions API
+
+This API can be used to update/get the permissions for a folder.
+
+Permissions with `folderId=-1` are the default permissions for users with the Viewer and Editor roles. Permissions can be set for a user, a team or a role (Viewer or Editor). Permissions cannot be set for Admins - they always have access to everything.
+
+The permission levels for the permission field:
+
+- 1 = View
+- 2 = Edit
+- 4 = Admin
+
+## Get permissions for a folder
+
+`GET /api/folders/:uid/permissions`
+
+Gets all existing permissions for the folder with the given `uid`.
+
+**Example request**:
+
+```http
+GET /api/folders/nErXDvCkzz/permissions HTTP/1.1
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
+```
+
+**Example Response**
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+Content-Length: 551
+
+[
+  {
+    "id": 1,
+    "folderId": -1,
+    "created": "2017-06-20T02:00:00+02:00",
+    "updated": "2017-06-20T02:00:00+02:00",
+    "userId": 0,
+    "userLogin": "",
+    "userEmail": "",
+    "teamId": 0,
+    "team": "",
+    "role": "Viewer",
+    "permission": 1,
+    "permissionName": "View",
+    "uid": "nErXDvCkzz",
+    "title": "",
+    "slug": "",
+    "isFolder": false,
+    "url": ""
+  },
+  {
+    "id": 2,
+    "dashboardId": -1,
+    "created": "2017-06-20T02:00:00+02:00",
+    "updated": "2017-06-20T02:00:00+02:00",
+    "userId": 0,
+    "userLogin": "",
+    "userEmail": "",
+    "teamId": 0,
+    "team": "",
+    "role": "Editor",
+    "permission": 2,
+    "permissionName": "Edit",
+    "uid": "",
+    "title": "",
+    "slug": "",
+    "isFolder": false,
+    "url": ""
+  }
+]
+```
+
+Status Codes:
+
+- **200** - Ok
+- **401** - Unauthorized
+- **403** - Access denied
+- **404** - Folder not found
+
+## Update permissions for a folder
+
+`POST /api/folders/:uid/permissions`
+
+Updates permissions for a folder. This operation will remove existing permissions if they're not included in the request.
+
+**Example request**:
+
+```http
+POST /api/folders/nErXDvCkzz/permissions
+Accept: application/json
+Content-Type: application/json
+Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
+
+  "items": [
+    {
+      "role": "Viewer",
+      "permission": 1
+    },
+    {
+      "role": "Editor",
+      "permission": 2
+    },
+    {
+      "teamId": 1,
+      "permission": 1
+    },
+    {
+      "userId": 11,
+      "permission": 4
+    }
+  ]
+}
+```
+
+JSON body schema:
+
+- **items** - The permission items to add/update. Items that are omitted from the list will be removed.
+
+**Example response**:
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json; charset=UTF-8
+Content-Length: 35
+
+{"message":"Folder permissions updated"}
+```
+
+Status Codes:
+
+- **200** - Ok
+- **401** - Unauthorized
+- **403** - Access denied
+- **404** - Dashboard not found