Patches the security policies for the repository.
Base Request
PATCH /api/repository/security/policies
Query Parameters
Parameter | Description | Type | Required | Notes |
---|---|---|---|---|
validateOnly | True/false indicator of only validating security policy changes without applying them. | Boolean | Optional | Default is false. |
Headers
Header Name | Description | Required | Values |
---|---|---|---|
Authorization | The access token | Required |
Bearer [access_token]
where [access_token] is a string generated when you complete authentication (see Getting Started) |
User-Agent | Identity of the client making the request to the server | Required |
[product]/[version]
where [product] is the name of the software you are using to make the request and [version] is the numbered version of the software (for example, MyCompanyProduct/1.0). For information on other types of values commonly included in user-agent request headers, see the User-Agent HTTP header reference section on the Mozilla developer documentation website. |
HXCS-REPOSITORY | The repository ID | Optional | Any contributed repository name. Default is default. |
Accept | The format of the data to be returned | Optional | application/vnd.hxcs.v1+json |
Content-Type | The format of the data to be posted | Optional | application/json-patch+json |
Request Body
Element | Description | Type | Required | Notes |
---|---|---|---|---|
op | Operation to take to patch the security policies. | string | Required | Values include add, remove, replace, move, and test. |
path | Path to the object in the content model on which to perform the patching operation. | string | Required | None |
Sample Request
PATCH /api/repository/security/policies?validateOnly=true
Authorization: Bearer [access_token]
User-Agent: MyCompanyProduct/1.0
HXCS-REPOSITORY: default
Accept: application/vnd.hxcs.v1+json
Content-Type: application/json-patch+json
[
{
"op": "add",
"path": "/organisational_clearance",
"value": {
"engine": "securitylevel",
"contentTypes": [
"Invoice"
],
"mixin": "Organisation",
"userAttribute": "rank"
}
},
{
"op": "replace",
"path": "/security_clearance/userAttribute",
"value": "user_clearance"
},
{
"op": "test",
"path": "/security_clearance/userAttribute",
"value": "user_clearance"
}
]
Response Body
See Security for more information on the common elements listed in the body of the following sample response.
Sample Response
{ "organisational_clearance": { "engine": "securitylevel", "contentTypes": [ "Invoice" ], "mixin": "Organisation", "userAttribute": "rank" }, "security_clearance": { "engine": "securitylevel", "contentTypes": [ "Contract" ], "mixin": "Clearance", "userAttribute": "user_clearance" } }
Status Codes and Errors
The following table lists the returned status codes.
Code | Description | Notes |
---|---|---|
200 | OK | Patches and returns the security policies for the repository. |
204 | No Content | The provided security policies are valid and can be applied. |
401 | Not Authorized | Authentication has failed or was not provided. |
403 | Not Allowed | Access permissions are invalid or missing. |
404 | Not Found | The repository could not be found. |
422 | Unprocessable Entity | Updates to the security policies have failed due to a validation error. |