Acl
"ACL request" response
An ACL request object can be describe by the following fields:
| Name | Type | Comment |
|---|---|---|
| id | int | the id of the request |
| transaction | Transaction object | the transaction related to the request |
| requester | User object | the transaction related to the request |
| receiver | User object | the transaction related to the request |
| resource | array | description of the resource involved |
| comment | string | comment to the receiver |
| status | string | current status of the request: pending, accepted, rejected |
| created_at | string | date of the creation |
| updated_at | string | last update |
Create ACL request
- Endpoint:
POST /transactions/{id}/acl
- Allowed for:
users that has right transaction.update (admin or user assigned to the transaction only)
| Name | Type | Mandatory | Comment |
|---|---|---|---|
| resource | string | yes | the type of resource on the one we want to request access lead, owner or property |
| comment | string | yes | a comment to the receiver |
- JSON request example:
{
"acl": {
"resource": {
"type": "lead"
},
"comment": "foo"
}
}
- JSON response:
This endpoint will return a Transaction ACL request object.
Update ACL request
- Endpoint:
PATCH /transactions/acl/{id}
- Allowed for:
User marked as receiver of the related ACL request.
| Name | Type | Mandatory | Comment |
|---|---|---|---|
| op | string | yes | Operation to execute (replace) |
| path | string | yes | Path status to update the status |
| value | object | yes | status value (accepted or rejected) + the reason (optional) |
- JSON request example:
{
"operations": [
{"op": "replace", "path": "/status", "value": {"status":"accepted", "reason":"ok but give me 5%"}}
]
}
Delete ACL request
- Endpoint:
DELETE /transactions/acl/{id}
- Allowed for:
User marked as requester of the related ACL request.
API will return code 204 if the resource has been deleted with success.