This call changes a project member's permissions for a specified project.

Users may have the following permissions on CAVATICA:

Read
Write
Copy
Execute
Admin

For more information, see the documentation on setting project member permissions. Note that some user permissions imply others: for example, if you give a user admin permission, then they automatically receive read, write, copy and execute permissions.

👍
PUT and PATCH
The CAVATICA API has two method to modify project members' permissions. This method uses the HTTP verb PUT, and the other uses the HTTP verb PATCH.
The difference between the two concerns the way that they update the information stored about the user. PATCH allows you to update just one part of the user's information --- for instance, just the value stored for the user's copy permission. On the other hand, a PUT request will fully overwrite the user's permission information. This means that when issuing a PUT request you must enter values for every key required to describe the user, even if the values for some keys are unchanged.

https://cavatica-api.sbgenomics.com/v2/projects/{project_owner}/{project}/members/{username}/permissions

Request

Example request

PUT /v2/projects/rfranklin/my-project/members/crick/permissions HTTP/1.1
Host: cavatica-api.sbgenomics.com
X-SBG-Auth-Token: 3259c50e1ac5426ea8f1273259740f74

curl -X PUT --data-binary "@permissions-for-crick.json" -H "X-SBG-Auth-Token: ce7ae5ab85e946599298e88a3430fba0" 'http://cavatica-api.sbgenomics.com/v2/projects/rfranklin/my-project/members/crick/permissions'

Header Fields

Name	Description
`X-SBG-Auth-Token` required	Your CAVATICA authentication token.

Path parameters

Name	Description
`project`	The short name of the project containing the project member.
`project_owner`	The owner of the project containing the project member.
`username`	The CAVATICA username of the user whose permissions you are overwriting.

Query parameters

Name	Data type	Description
`fields`	string	Selector specifying a subset of fields to include in the response.

Request body

In the body, you should enter a list of key-value pairs. The keys, and the values they take, are described in the following table.

Key	Data type of value	Description of value
`"read"`	Boolean: `true` or `false`	User can view file names, metadata, and workflows. They cannot view file contents. All members of a project have `read` permissions by default. Even if you try setting `read` permissions to `false`, they will still default to `true`.
`"write"`	Boolean: `true` or `false`	User can add, modify, and remove files and workflows in a project. Set value to `true` to assign the user copy permission. Set to `false` to remove copy permission.
`"copy"`	Boolean: `true` or `false`	User can view file content, copy, and download files from a project. Set value to `true` to assign the user copy permission. Set to `false` to remove copy permission.
`"execute"`	Boolean: `true` or `false`	User can execute workflows and abort tasks in a project. Set value to `true` to assign the user copy permission. Set to `false` to remove copy permission.
`"admin"`	Boolean: `true` or `false`	User can modify another user's permissions on a project, add or remove people from the project and manage funding sources. They also have all of the above permissions. Set value to `true` to assign the user copy permission. Set to `false` to remove copy permission.

Example request body

{
  "read": true,
  "write": true,
  "copy": true,
  "execute": true,
  "admin": false
}

Response

See a list of CAVATICA-specific response codes that may be contained in the body of the response.

Example response body

{
  "write": true,
  "read": true,
  "copy": true,
  "execute": true,
  "admin": false
}