Forum Discussion

syaguma's avatar
syaguma
Leader
7 years ago

Question about "Make REST API calls with read access" permission

Hi all,   This is probably an obvious question, but I'd just like to get a quick confirmation... If I set the "Make REST API calls with read access" to GRANT for a role at the root node of my comm...
nehaSharma's avatar
nehaSharma
Expert
7 years ago

Hi syaguma

If you set the "Make REST API calls with Read access" to GRANT for a particular role at the root node, then it would be set as GRANT for all the sub nodes by Default. But you change this permission explicitly for a sub-node by changing permissions on that particular node.

A better way to this would be to change permissions only on Sub nodes and not on root level until and unless we want to grant Permissions at the Root level.

 

The Read Access permission is used to set read permissions for categories, boards, posts etc and it would not impact the read access to the API user.

syaguma's avatar
syaguma
Leader
7 years ago

Hi nehaSharma,

 

Thanks for the reply!  

 

I think I understand, but just to be sure... are you saying that the following are true?

  1. Permission settings for a role configured at the root node sets the global defaults for that role throughout the community. [Global defaults can be overridden by explicit Deny, as normal].
  2. Granting "Make REST API calls with Read access" and "Make REST API calls with Modify access" for a user essentially ignores all other permissions settings for that node... as long as the actions are performed via API.

 

Thanks again!

 

  • syaguma's avatar
    syaguma
    Leader
    7 years ago
    Tested #1 and it worked as you described, though I did encounter some odd behavior. If I have time, I'll think through the logic on what I observed.

    Thanks nehaSharma