Skip to content

Implement rest api save user permissions endpoint [#33393] #33426

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 29 commits into
base: main
Choose a base branch
from
Open

Implement rest api save user permissions endpoint [#33393] #33426

wants to merge 29 commits into from

Conversation

@hassandotcms
Copy link
Contributor

@hassandotcms hassandotcms commented Oct 2, 2025
edited
Loading

Proposed Changes

  • Implemented REST API to save/update user permissions on specific assets (hosts/folders)
  • Supports multiple permission scopes (INDIVIDUAL, HOST, FOLDER) and levels (READ, WRITE, PUBLISH, EDIT_PERMISSIONS, CAN_ADD_CHILDREN)
  • Supports cascading permissions to child assets
  • Added integration tests covering success scenarios, validation, and security checks

fixes #33393

@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
edd4e72 
…user. (#33345)

- add new response view class.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
ad5b3af 
…user. (#33345)

- implement helper methods for user permission rest api.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by…
c12b104 
… user. (#33345)

 - get api implementation to return user specific permissions by id/email, by hosts/folder.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
16b12dd 
…user. (#33345)

- integration test added to verify the functionality of get user permissions rest api.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
ed2b99c 
…user. (#33345)

update api docs.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
0f7b247 
…user. (#33345)

add postman test.
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33345-impl…
8a25c56 
…ement-rest-api-get-user-permissions-endpoint
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
0e2df73 
…user. (#33345)

fix integration tests, response type error.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
90b0991 
…user. (#33345)

support api classes to be available for injection via CDI.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
e57b758 
…user. (#33345)

enable CDI for userPermissionHelper, to enable injection.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by…
e30c863 
… user. (#33345)

 fix integ tests
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by…
334af95 
… user. (#33345)

  - Return specific response type instead of generic Response
  - Add better documentation and error messages
  - Split user loading into separate helper method
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by…
dd74fa2 
… user. (#33345)

 refactoring and cleanup.
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33345-impl…
0544da9 
…ement-rest-api-get-user-permissions-endpoint
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions by …
fcd517c 
…user. (#33345)

move helper method to helper class.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions me…
079c33e 
…tadata. (#33394)

 add view class for permission metadata.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions met…
36decff 
…adata. (#33394)

implement rest api for permission metadata.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions met…
5420dec 
…adata. (#33394)

add javadoc, refactoring in helper methods to make them reusable and update api docs.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions me…
f514ec8 
…tadata. (#33394)

 fix constructor init issue.
@hassandotcms
modernize(users portlet): implement rest api to fetch permissions me…
9e6873a 
…tadata. (#33394)

 add postman test for permission metadata api
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33394-impl…
a50e016 
…ement-rest-api-get-permission-metadata
@hassandotcms
modernize(users-portlet) #33394
867b609 
 - Create PermissionMetadata, UserPermissions, and UserPermissionAsset beans for type-safe API responses
 - Update permission endpoints to return ResponseEntityView wrappers instead of generic Response objects
 - Replace Map-based data structures with beans
@hassandotcms
modernize(users-portlet): rest api for saving permissions [#33393]
64ff4cc 
- created rest resource endpoint to save/update user permissions.
- helper methods to validate transform permission data
@hassandotcms
modernize(users-portlet): rest api for saving permissions [#33393]
41aed50 
- write integration tests to validate the user permissions.
  success/validation scenarios.
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33393-impl…
77bb2a1 
…ement-rest-api-save-user-permissions-endpoint
@hassandotcms hassandotcms linked an issue Oct 2, 2025 that may be closed by this pull request
Implement REST API: Save User Permissions Endpoint #33393
Open
@github-actions github-actions bot mentioned this pull request Oct 2, 2025
Open
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33394-impl…
9aab8a5 
…ement-rest-api-get-permission-metadata
@hassandotcms
Merge branch '33394-implement-rest-api-get-permission-metadata' into …
4106e61 
…33393-implement-rest-api-save-user-permissions-endpoint
@hassandotcms hassandotcms force-pushed the 33393-implement-rest-api-save-user-permissions-endpoint branch from 44c897b to 4106e61 Compare October 10, 2025 14:29
@hassandotcms hassandotcms requested a review from jdotcms October 10, 2025 15:30
jdotcms
jdotcms reviewed Oct 10, 2025
View reviewed changes
dotCMS/src/main/java/com/dotcms/rest/api/v1/user/UserPermissionHelper.java Outdated
* @throws DotDataException if asset resolution fails
* @throws DotSecurityException if security check fails
*/
public Permissionable resolveAsset(final String assetId, final User systemUser)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

should rename system user as a just user

@hassandotcms hassandotcms marked this pull request as ready for review October 13, 2025 15:07
@hassandotcms
modernize(users-portlet): rest api to save user permissions #33393
30efede 
 1. Change List→Set for permission levels to prevent duplicates (PermissionMetadataView, SaveUserPermissionsForm, UserPermissionAsset, UserPermissionHelper)
  2. Rename PermissionMetadata→PermissionMetadataView following dotCMS naming conventions for REST views
  3. Replace switch statement with Function map in convertPermissionNamesToBits(), rename systemUser→user parameter
@hassandotcms
Merge branch 'main' of https://github.com/dotCMS/core into 33393-impl…
02e17db 
…ement-rest-api-save-user-permissions-endpoint
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jdotcms jdotcms jdotcms approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Implement REST API: Save User Permissions Endpoint

3 participants

@hassandotcms @jdotcms