Authorization API
Centralized permission checks for resources.
Endpoints Overview
| Method | Endpoint | Description |
|---|---|---|
| POST | /authorization/check | Check single permission |
| POST | /authorization/check-batch | Check multiple permissions |
| GET | /authorization/permissions/{resource_type}/{resource_id} | Get all permissions for a resource |
Check Permission
POST /authorization/check
Check if the current user can perform a specific action on a resource.
Request Body
{
  "resource_type": "product",
  "resource_id": "uuid-of-resource",
  "action": "edit",
  "space_id": "uuid-of-space",
  "context": {
    "additional_info": "value"
  }
}
- resource_type: e.g., product, comment, ticket, meeting, request
- action: e.g., view, edit, delete, create, approve
- resource_id: Optional for create actions
- space_id: Required for create actions
Response
{
  "allowed": true,
  "reason": "User is owner"
}
Batch Check
POST /authorization/check-batch
Perform multiple permission checks in a single request.
Request Body
{
  "checks": [
    {
      "resource_type": "product",
      "resource_id": "uuid-1",
      "action": "view"
    },
    {
      "resource_type": "product",
      "resource_id": "uuid-1",
      "action": "edit"
    }
  ]
}
Response
{
  "results": [
    {
      "allowed": true,
      "reason": "Public product"
    },
    {
      "allowed": false,
      "reason": "Insufficient permissions"
    }
  ]
}
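An added example (not part of this API's own documentation or client code): a Python caller for the batch endpoint that fails closed when the response cannot be trusted. It assumes results come back in the same order as checks, that the single-check field rules also apply to batch items, and that resource_id is required for non-create actions; `post` is a hypothetical transport callable and `fake_post` returns a constructed response.

```python
from typing import Callable

# Assumptions (not stated by the API docs): results[i] answers checks[i],
# and resource_id is mandatory whenever the action is not "create".
def validate_check(check: dict) -> None:
    """Apply the documented field rules before anything is sent."""
    for field in ("resource_type", "action"):
        if not check.get(field):
            raise ValueError(f"missing {field}")
    if check["action"] == "create":
        if not check.get("space_id"):
            raise ValueError("space_id is required for create actions")
    elif not check.get("resource_id"):
        raise ValueError("resource_id is required for non-create actions")

def check_batch(checks: list[dict], post: Callable[[str, dict], dict]) -> list[bool]:
    """Return one decision per check, denying on any doubt about the response."""
    for c in checks:
        validate_check(c)
    deny_all = [False] * len(checks)
    try:
        body = post("/authorization/check-batch", {"checks": checks})
    except Exception:
        return deny_all  # transport failure: fail closed
    results = body.get("results") if isinstance(body, dict) else None
    if not isinstance(results, list) or len(results) != len(checks):
        return deny_all  # results cannot be aligned with the checks
    # Only a literal JSON true grants access; "true", 1 or a missing key deny.
    return [isinstance(r, dict) and r.get("allowed") is True for r in results]

def fake_post(path: str, payload: dict) -> dict:  # constructed stand-in for HTTP
    return {"results": [{"allowed": True, "reason": "Public product"},
                        {"allowed": False, "reason": "Insufficient permissions"}]}

CHECKS = [  # the two checks from the request body above
    {"resource_type": "product", "resource_id": "uuid-1", "action": "view"},
    {"resource_type": "product", "resource_id": "uuid-1", "action": "edit"},
]

if __name__ == "__main__":
    print(check_batch(CHECKS, fake_post))
```

The `reason` string is informational; authorization decisions in calling code should depend only on `allowed`.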
Get Resource Permissions
GET /authorization/permissions/{resource_type}/{resource_id}
Get a complete list of permissions for a specific resource.
Query Parameters
| Parameter | Type | Description |
|---|---|---|
| space_id | uuid | Optional space context |
Response
{
  "allowed": true,
  "reason": "Access granted",
  "permissions": {
    "view": true,
    "edit": false,
    "delete": false,
    "approve": false
  }
}