The API supports GET, POST, and DELETE calls. All the endpoints take the “id” parameter, which takes the form of a number. Ex.77411856592.
Read Permissions (ACLs)
Request:
GET /repo/(connectorId)/acls?id=(id)&isFolder=(isFolder)
Description:
Retrieves a list of in the format of [“UserName(UserId):Role”,….. ] You will need to extract the UserId or Name from each item for use in POST/DELETE request.
Path Parameters:
connectorId: The connector ID of your content service connector
Query Parameters:
id: The repository id of the item.
Optional Parameters:
isFolder: Is the item a folder? Default is false.
GET repo/box/acls?id=77411856592&isFolder=true
Returns:
{
"results": [ "M Lugert(77567866603):EDITOR", "JLipton(77422856603):VIEWER" ],
"success": true
}
Example With CURL
curl -u admin:admin "localhost:8081/3sixty-admin/api/repo/**box/acls?id=77411856592
&isFolder=true**" | json_pp
Write Permssions (ACLs)
Request:
POST /repo/(connectorid)/acls?id=(id)&acls=(acls)&isFolder=(isFolder)&viewPath=(viewPath)¬ify=(notify)&isGroup=(isGroup)
Description:
Adds acls to the selected document. It is important to note that Box collaborations are inherited from the parents. The parent of the item must also have the collaboration being added or a 403 response will occur.
Path Parameters:
connectorid: The connector id of your content service connector
Query Parameters:
id: The repository id of the item. acls: A JSON Object in the format {“User1”:”Permission1”,”User2”:”Permission2”} Optional Parameters: Applied for each pair in acls isFolder: Is the item a folder? Default is false. viewPath: Dictates whether the collaborator can view the parent path of the item. Default true. notify: If true, will send a notification for each collaboration created. Default false. isGroup: If true, will attempt use the supplied id to add collaboration for a group. Default false
This will not work with an email address as groups don’t have them
Example from Postman
POST repo/box/acls?id=77411856592&acls={“testuser@box.com”:”EDITOR”}¬ify=true&isFolder=true
Returns:
{
"results": [
"M Lugert(77567866603):EDITOR",
"J Lipton(77422856603):VIEWER",
"testuser@box.com(77427777603):EDITOR"
],
"success": true
}
Example With CURL
curl -u admin:admin -X POST
"localhost:8081/3sixty-admin/api/repo/**box/acls?id=77411856592&acls={"testuser@box.com":"EDITOR"}¬ify=true&isFolder=true**"
| json_pp
Delete Permissions (ACLs)
Request:
DELETE /repo/(connectorid)/acls?id=(id)&aclId=(aclId)&isFolder=(isFolder)
Description:
Removes the permissions for the supplied User or Group IDs from and item.
Path Parameters:
connectorid: The connector id of your content service connector
Query Parameters:
id: The repository id of the item.
aclId: A comma delimited list of User or Group Ids to remove from the item
Optional Parameters:
isFolder: Is the item a folder? Default is false. DELETE repo/box/acls?id=77411856592&isFolder=true&aclId=testuser@box.com,77422856603
Returns:
{
"success": true
}
The following GET call should produce:
{
"results": [
"M Lugert(77567866603):EDITOR"
],
"success": true
}
Example With CURL
curl -u admin:admin
"localhost:8081/3sixty-admin/repo/box/acls?id=77411856592&isFolder=true&aclId=testuser@box.com,77422856603"
| json_pp