/projects/{project_owner}/{project}/members/{username}/permissions
For general information on the API, including formatting, parameters, and pagination, please see the API Overview.
This call changes a project member's permissions for a specified project.
Users may have the following permissions on CAVATICA:
- Read
- Write
- Copy
- Execute
- Admin
For more information, see the documentation on setting project member permissions. Note that some user permissions imply others: for example, if you give a user admin permission, then they automatically receive read, write, copy and execute permissions.
PUT and PATCH
The CAVATICA API has two method to modify project members' permissions. This method uses the HTTP verb
PUT
, and the other uses the HTTP verbPATCH
.The difference between the two concerns the way that they update the information stored about the user.
PATCH
allows you to update just one part of the user's information --- for instance, just the value stored for the user'scopy
permission. On the other hand, aPUT
request will fully overwrite the user's permission information. This means that when issuing aPUT
request you must enter values for every key required to describe the user, even if the values for some keys are unchanged.
https://cavatica-api.sbgenomics.com/v2/projects/{project_owner}/{project}/members/{username}/permissions
Request
Example request
PUT /v2/projects/rfranklin/my-project/members/crick/permissions HTTP/1.1
Host: cavatica-api.sbgenomics.com
X-SBG-Auth-Token: 3259c50e1ac5426ea8f1273259740f74
curl -X PUT --data-binary "@permissions-for-crick.json" -H "X-SBG-Auth-Token: ce7ae5ab85e946599298e88a3430fba0" 'http://cavatica-api.sbgenomics.com/v2/projects/rfranklin/my-project/members/crick/permissions'
Header Fields
Name | Description |
---|---|
X-SBG-Auth-Token required | Your CAVATICA authentication token. |
Path parameters
Name | Description |
---|---|
project | The short name of the project containing the project member. |
project_owner | The owner of the project containing the project member. |
username | The CAVATICA username of the user whose permissions you are overwriting. |
Query parameters
Name | Data type | Description |
---|---|---|
fields | string | Selector specifying a subset of fields to include in the response. |
Request body
In the body, you should enter a list of key-value pairs. The keys, and the values they take, are described in the following table.
Key | Data type of value | Description of value |
---|---|---|
"read" | Boolean: true or false | User can view file names, metadata, and workflows. They cannot view file contents. All members of a project have read permissions by default. Even if you try setting read permissions to false , they will still default to true . |
"write" | Boolean: true or false | User can add, modify, and remove files and workflows in a project. Set value to true to assign the user copy permission. Set to false to remove copy permission. |
"copy" | Boolean: true or false | User can view file content, copy, and download files from a project. Set value to true to assign the user copy permission. Set to false to remove copy permission. |
"execute" | Boolean: true or false | User can execute workflows and abort tasks in a project. Set value to true to assign the user copy permission. Set to false to remove copy permission. |
"admin" | Boolean: true or false | User can modify another user's permissions on a project, add or remove people from the project and manage funding sources. They also have all of the above permissions. Set value to true to assign the user copy permission. Set to false to remove copy permission. |
Example request body
{
"read": true,
"write": true,
"copy": true,
"execute": true,
"admin": false
}
Response
See a list of CAVATICA-specific response codes that may be contained in the body of the response.
Example response body
{
"write": true,
"read": true,
"copy": true,
"execute": true,
"admin": false
}