Skip to main content

 

MindTouch Success Center

pages/{pageid}/security (GET)

Overview

Retrieve page security info

  • REST Method: GET
  • Method Access: public

Uri Parameters

Name Type Description
pageid string either an integer page ID, "home", or "=" followed by a double uri-encoded page title

Query Parameters

Name Type Description
export bool? Exclude site specific information (default: false)
authenticate bool? Force authentication for request (default: false)
redirects int? If zero, do not follow page redirects.

Return Codes

Name Value Description
OK 200 The request completed successfully
Bad Request 400 Invalid input parameter or request body
Forbidden 403 Browse access to the page is required
Not Found 404 Requested page could not be found

Message Format

Output:

<security href="{uri}">
    <permissions.effective>
        <operations mask="{int}">{text}</operations> 
    </permissions.effective>
    <permissions.page>
        <operations mask="{int}">{text}</operations> 
        <restriction>{text}</restriction> 
    </permissions.page>
    <grants>
        <grant>
            <permissions>
                <operations mask="{int}">{text}</operations> 
                <role id="{int}" href="{uri}">{text}</role> 
            </permissions>
            <user id="{int}" href="{uri}">
                <nick>{text}</nick> 
                <username>{text}</username> 
                <email>{text}</email> 
            </user>
            <date.expires>{date}</date.expires> 
            <date.modified>{date}</date.modified> 
            <user.modifiedby id="{int}" href="{uri}">
                <nick>{text}</nick> 
                <username>{text}</username> 
                <email>{text}</email> 
            </user.modifiedby>
        </grant>
        <grant>
            <permissions>
                <operations mask="{int}">{text}</operations> 
                <role id="{int}" href="{uri}">{text}</role> 
            </permissions>
            <group id="{int}" href="{uri}">
                <name>{text}</name> 
            </group>
            <date.expires>{date}</date.expires> 
            <date.modified>{date}</date.modified> 
            <user.modifiedby id="{int}" href="{uri}">
                <nick>{text}</nick> 
                <username>{text}</username> 
                <email>{text}</email> 
            </user.modifiedby>
        </grant>
        ...
    </grants>
</security>

Implementation Notes

the permissions.page element indicates if there is a restriction on the page.  The grants section indicates permissions that have been granted to particular users or groups.  The permissions.effective element describes the page permissions effective for the current caller, which takes both page restriction and grants into account.

Currently defined page restrictions are:

  • Public: All users can read and edit
  • Semi-Public: All users can read, but only selected users can edit
  • Private: Only selected users can read and edit

C# Code Sample: Retrieve Page Security Info

The following code example retrieves the security info of the home page for the anonymous user:

Sample Code

Plug p = Plug.New("http://deki-hayes/@api/deki");
p.At("pages", "home", "security").Get();

Sample Response from executing Code

Sample response indicating that a page restriction and grants have not been set on the home page.  The anonymous user can read the page, but not modify it:

<security href="http://deki-hayes/@api/deki/pages/29/security">
    <permissions.effective>
        <operations mask="15">LOGIN,BROWSE,READ,SUBSCRIBE</operations>
    </permissions.effective>
    <permissions.page>
        <operations mask="0"></operations>
    </permissions.page>
    <grants />
</security>

Curl Code Sample: Retrieve Page Security Info

The following command retrieves security information associated with page "foo":

Sample Code

curl -u username:password -i http://mindtouch.address/@api/deki/pages/=foo/security

Sample Response from executing Code

A response of a page with no security settings associated with it. The <permissions.effective> element contains the permissions of the user making the request.

Content-Type: application/xml

<security href="http://192.168.59.128/@api/deki/pages/21/security">
  <permissions.effective>
    <operations mask="1343">LOGIN,BROWSE,READ,SUBSCRIBE,UPDATE,CREATE,DELETE,CHANGEPERMISSIONS</operations>
  </permissions.effective>
  <permissions.page>
    <operations mask="0"/>
  </permissions.page>
  <grants/>
</security>

Implementation notes 

curl flags

-u
Provides external user authentication. Note that if anonymous access is available and authentication is not forced, this flag may be omitted.
-i
Outputs the HTTP response headers. Useful for debugging.

Pages

To view a list of all pages, follow the instructions here.
  • Was this article helpful?