Describes the permissions levels that a user has for permissioned features. When the client sends this, Permissions.read and Permissions.write are the additional permissions granted to a user on top of what they have via their roles. When the server sends this, Permissions.read and Permissions.write are the complete (merged) set of permissions the user has, and Permissions.roles is just for display purposes.
| Field | Type | Required | Description |
|---|---|---|---|
can_admin_search |
Optional[bool] | ➖ | TODO--deprecate in favor of the read and write properties. True if the user has access to /adminsearch |
can_admin_client_api_global_tokens |
Optional[bool] | ➖ | TODO--deprecate in favor of the read and write properties. True if the user can administrate client API tokens with global scope |
can_dlp |
Optional[bool] | ➖ | TODO--deprecate in favor of the read and write properties. True if the user has access to data loss prevention (DLP) features |
read |
Dict[str, List[models.ReadPermission]] | ➖ | Describes the read permission levels that a user has for permissioned features. Key must be PermissionedFeatureOrObject |
write |
Dict[str, List[models.WritePermission]] | ➖ | Describes the write permissions levels that a user has for permissioned features. Key must be PermissionedFeatureOrObject |
grant |
Dict[str, List[models.GrantPermission]] | ➖ | Describes the grant permission levels that a user has for permissioned features. Key must be PermissionedFeatureOrObject |
role |
Optional[str] | ➖ | The roleId of the canonical role a user has. The displayName is equal to the roleId. |
roles |
List[str] | ➖ | The roleIds of the roles a user has. |