RESTAPI permission
Hi,
I want to make rest api call with an admin user to verify if a specified user has access to a category, a board or a discussion.
Example: With an admin user, I want to know if user1 can see discussion1 and than if user2 can see discussion1.
Hi MLachapelle,
If you search the REST API documentation for "allowed", you'll find numerous methods which can tell you whether a particular action is allowed. For example:
However, these methods apply for the current user. Since you're logged in as an admin user, you'll essentially have access to everything. To determine whether "user1" or "user2" are allowed to perform an action, you would instead need to authenticate to the REST API as those respective users.
Since you're already an admin user, it's pretty easy to "switch" to another user via the REST API. You can make a call to login (http://lithosphere.lithium.com/t5/rest-api/bd-p/developers-rest-api?leaf-id=AuthenticationManager.sessions.login#AuthenticationManager.sessions.login) and pass in the desired user's login name (i.e. "user1") and the admin user's session key. This will return a session key for "user1". Then, you can make the necessary calls to the various "allowed" methods mentioned previously.
I hope this helps!