DE EN EN (Google)

Get information about objects to be created

POST /api/v1/db_info/create?token=<token>

Retrieves information about what kind of objects is the session user allowed to create.

Usually, this call is executed twice:

  1. without parameters, to obtain the list of allowed objecttypes and pools
  2. with an objecttype (and a pool), to obtain the available tags and masks

Query String

token Session token acquired with /api/v1/session

Input

A JSON object with the following attributes

objecttype Object type of the object (string, optional)
pool_id Pool ID the new object will be in (integer, optional), this is ignored if the objecttype was not provided
tag_ids Tag IDs for the new object (array of integers, optional, nullable), this is ignored if the objecttype was not provided

If tag_ids is not given and the objecttype supports tags, the server will use the default tags. In this case, if the objecttype has a pool link the pool_id is required. Otherwise, no tags will be used.

If tag_ids is set to null, tag filters will be ignored.

Output

The output format is described below. The following rules apply:

If the tag_ids parameter is provided, the tag filters will be checked against the given tags. If no tag_ids are provided, the tag filters will be ignored. If the creation is not allowed for the given combination, an error is returned.

The output is a JSON object:

Parameter Description
_available_objecttypes Available objecttypes for which the user has a “create” right (list), optionally filtered (see above)
_id Objecttype ID (integer)
name Objecttype name (string)
pool_ids Pool IDs for which the user has a “create” right (list of integers)
_available_tags Available tags
_id Tag ID (integer)
_is_default Tag is default (boolean)
_available_masks Available masks
_id Mask ID (integer): the mask “_all_fields” has no ID
name Mask name (string)

The _available_masks are sorted by preference, according to the rules stated in mask management.

Permissions

The user has to be authenticated.

HTTP status codes

200 Success
400 API error: something is malformed
400 Not Authenticated: session is not authenticated
400 No Masks For Create: no masks available
500 Server error: internal server error

Get information about objects to be updated

POST /api/v1/db_info/update?token=<token>

Retrieves information about permissions, available masks and available tags for existing objects.

Query String

token Session token acquired with /api/v1/session

Input

A JSON object with the following attributes

objecttype Object type of the object (string)
object_ids Object IDs of existing objects (array of integers)
pool_id New pool for the objects (integer, optional)
tag_ids Tag IDs for the new objects (array of integers, optional)

Output

The output is a JSON object with the following attributes:

_generated_rights Effective rights for the objects (map)
_available_pools Pools the user is allowed to link the objects to (list of integers)
_available_tags Available tags for the objects (array of tag entries): only provided if “write” is in _generated_rights
_available_masks Available masks for the objects (array of entries: see below): only provided if “write” is in _generated_rights

All fields are calculated as the intersection of the values for each object. That means that if only one object in the list does not have the “unlink” right, it will not appear in the list, for instance. Conversely, every right that appears in the _generated_rights is available for each object. The same applies to the other attributes.

The generated rights taken into account are: “read”, “write”, “delete” and “unlink”. If the user has no “write” right, “unlink” will not be tested, since they would not to be able to modify the object anyway. So, the possible values are:

{ [ "read", ["write", ["delete"], ["unlink"]] ] }

The _available_tags are only rendered with the attributes _id and _is_default.

The _available_masks are sorted by preference, according to the rules stated in mask management. Each entry contains the mask name as name (string) and the mask ID as _id (integer). The mask “_all_fields” has no ID.

If the pool_id parameter is provided, the available_tags and available_masks will take into account this ID instead of the current pool IDs of the objects.

If the tag_ids parameter is provided, the available_tags and available_masks will take into account these tags instead of the current tags of the objects.

HTTP status codes

200 Success
400 API error: something is malformed
400 Not Authenticated: session is not authenticated
500 Server error: internal server error