Organization Permissions

The MANAGE Organization permission gives the access to actions and resources across the entire GoodData.CN deployment. This permission should be reserved for administrators.

Note

Permissions are a beta feature. Please note that the implementation of these features is not finalized, and the behavior or interface of these features is subject to change.

Supported Permissions

The following permissions are applicable to the Organization object type:

MANAGE
User has access to any protected action or resource.

Set Permissions For an Organization

Permissions for an organization are set using the /api/layout/organization declarative API endpoint.

Steps:

Make the following API call to fetch an up-to-date json definition of your organization layout:

curl -H "Authorization: Bearer <your_bearer_token>" \
    -H "Content-Type: application/json" \
    -X GET \
    <your_hostname>/api/layout/organization

In the organization layout json file, update the permissions definition:

{
  "organization": {
    ...,
    "permissions": [
        {
            "assignee": {
                "id": "<user_id_or_user_group_id>",
                "type": "<user_or_userGroup>"
            },
            "name": "MANAGE"
        }
    ]
  }
}

Update the organization using your updated json in the following API call:

curl -H "Authorization: Bearer <your_bearer_token>" \
  -H "Content-Type: application/json" \
  -X PUT \
  <your_hostname>/api/layout/organization -d @<your_updated_organization_layout>.json

Data Source Permissions