mirror of
https://github.com/grafana/grafana.git
synced 2025-07-28 01:42:07 +08:00
13cf67de53
* manually replce all shared relrefs * relref replace - grafana next * Merge branch 'master' into robbymilo/relref-replace-grafana-next * manual fixes * remove ref shortcode * Merge branch 'master' into robbymilo/relref-replace-grafana-next * prettier * fix test * update readme
179 lines
3.9 KiB
Markdown
179 lines
3.9 KiB
Markdown
---
|
|
aliases:
|
|
- ../../http_api/dashboardpermissions/
|
|
- ../../http_api/folder_permissions/
|
|
canonical: /docs/grafana/latest/developers/http_api/folder_permissions/
|
|
description: Grafana Folder Permissions HTTP API
|
|
keywords:
|
|
- grafana
|
|
- http
|
|
- documentation
|
|
- api
|
|
- folder
|
|
- permission
|
|
- permissions
|
|
- acl
|
|
labels:
|
|
products:
|
|
- enterprise
|
|
- oss
|
|
title: Folder Permissions HTTP API
|
|
---
|
|
|
|
# Folder Permissions API
|
|
|
|
This API can be used to update/get the permissions for a folder.
|
|
|
|
Permissions with `folderId=-1` are the default permissions for users with the Viewer and Editor roles. Permissions can be set for a user, a team or a role (Viewer or Editor). Permissions cannot be set for Admins - they always have access to everything.
|
|
|
|
The permission levels for the permission field:
|
|
|
|
- 1 = View
|
|
- 2 = Edit
|
|
- 4 = Admin
|
|
|
|
> If you are running Grafana Enterprise, for some endpoints you'll need to have specific permissions. Refer to [Role-based access control permissions](/docs/grafana/latest/administration/roles-and-permissions/access-control/custom-role-actions-scopes/) for more information.
|
|
|
|
## Get permissions for a folder
|
|
|
|
`GET /api/folders/:uid/permissions`
|
|
|
|
Gets all existing permissions for the folder with the given `uid`.
|
|
|
|
**Required permissions**
|
|
|
|
See note in the [introduction](#folder-permission-api) for an explanation.
|
|
|
|
| Action | Scope |
|
|
| -------------------------- | ----------- |
|
|
| `folders.permissions:read` | `folders:*` |
|
|
|
|
**Example request**:
|
|
|
|
```http
|
|
GET /api/folders/nErXDvCkzz/permissions HTTP/1.1
|
|
Accept: application/json
|
|
Content-Type: application/json
|
|
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
|
|
```
|
|
|
|
**Example Response**
|
|
|
|
```http
|
|
HTTP/1.1 200 OK
|
|
Content-Type: application/json; charset=UTF-8
|
|
Content-Length: 551
|
|
|
|
```
|
|
|
|
Status Codes:
|
|
|
|
- **200** - Ok
|
|
- **401** - Unauthorized
|
|
- **403** - Access denied
|
|
- **404** - Folder not found
|
|
|
|
## Update permissions for a folder
|
|
|
|
`POST /api/folders/:uid/permissions`
|
|
|
|
Updates permissions for a folder. This operation will remove existing permissions if they're not included in the request.
|
|
|
|
**Required permissions**
|
|
|
|
See note in the [introduction](#folder-permission-api) for an explanation.
|
|
|
|
| Action | Scope |
|
|
| --------------------------- | ----------- |
|
|
| `folders.permissions:write` | `folders:*` |
|
|
|
|
**Example request**:
|
|
|
|
```http
|
|
POST /api/folders/nErXDvCkzz/permissions
|
|
Accept: application/json
|
|
Content-Type: application/json
|
|
Authorization: Bearer eyJrIjoiT0tTcG1pUlY2RnVKZTFVaDFsNFZXdE9ZWmNrMkZYbk
|
|
{
|
|
"items": [
|
|
{
|
|
"role": "Viewer",
|
|
"permission": 1
|
|
},
|
|
{
|
|
"role": "Editor",
|
|
"permission": 2
|
|
},
|
|
{
|
|
"teamId": 1,
|
|
"permission": 1
|
|
},
|
|
{
|
|
"userId": 11,
|
|
"permission": 4
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
JSON body schema:
|
|
|
|
- **items** - The permission items to add/update. Items that are omitted from the list will be removed.
|
|
|
|
**Example response**:
|
|
|
|
```http
|
|
HTTP/1.1 200 OK
|
|
Content-Type: application/json; charset=UTF-8
|
|
Content-Length: 35
|
|
|
|
```
|
|
|
|
Status Codes:
|
|
|
|
- **200** - Ok
|
|
- **401** - Unauthorized
|
|
- **403** - Access denied
|
|
- **404** - Dashboard not found
|