Application Programming Interface Guide > Web Services Operations > Operations Reference > updateResourcePrivileges
 
updateResourcePrivileges
Set the privilege information for a list of resources.
Only a user with GRANT privilege on a resource can modify the privileges for that resource. The owner of a resource always has GRANT privilege, as do users with the MODIFY_ALL_RESOURCES right.
When mode is OVERWRITE_APPEND, or is not supplied, privileges are applied by user or by group, so that updating privileges for one user or group does not alter privileges from any other user or group. The privileges applied for a user or group replace the previous value for that user or group. When mode is SET_EXACTLY, all privileges on the resource are made to look exactly like the provided privileges.
When updateRecursively is FALSE, the privileges are applied only to the specified resources. When it is TRUE, the privileges are recursively applied into any CONTAINER or DATA_SOURCE resource specified. When recursively applying privileges, the privilege change is ignored for any resource for which the user lacks owner privileges.
Privileges that are not applicable for a given resource type are automatically reduced to the set that is legal for each resource:
TABLE resources support NONE, READ, WRITE, SELECT, INSERT, UPDATE, and DELETE.
PROCEDURE resources support NONE, READ, WRITE, and EXECUTE.
All other resource types only support NONE, READ, and WRITE.
The combinedPrivs and inheritedPrivs elements on each privilegeEntry are ignored and can be left unset.
Note: Operations Reference, contains an example of how to set the request elements for this operation.
Location
/services/webservices/system/admin/resource/operations/
Request Elements
updateRecursively: If TRUE, all children of the given resources are recursively updated with the privileges assigned to their parent.
updateDependenciesRecursively (optional): If TRUE, all dependencies of the given resources are recursively updated with the privileges assigned to their parent.
privilegeEntries: List of resource names, types, and privileges.
mode (optional): Determines whether to merge privileges with existing ones:
OVERWRITE_APPEND: Merges and does not update privileges for users or groups not mentioned. Default.
SET_EXACTLY: Makes privileges look exactly like those provided in the call.
Response Elements
N/A
Faults
IllegalArgument: If any path is malformed, or any type or privilege entry is illegal, or mode is not one of the legal values.
NotAllowed: If an attempt is made to use this operation with an insufficient license.
NotFound: If a path refers to a resource that does not exist.
NotFound: If an unknown domain is provided.
NotFound: If an unknown user is provided.
NotFound: If an unknown group is provided.
Security: If for a given entry path the user does not have READ access on any item in a path other than the last item, or does not have GRANT access on the last item.
Security: If the user does not have the ACCESS_TOOLS right.