Resource Access Grants

Search
Feedback

Any resource in Structr can be accessed via REST in the common JSON format. Each type automatically defines a REST endpoint.

In order to protect these endpoint URLs, Structr has a built-in access control engine which lets administrators control the specific access rights for each type endpoint.

Example

In the following screenshot the resource access grants table has been filtered to only show grants whose signature contains “Sample”.

Resource Access Grants Table

We can see the following settings:

  • Non-authenticated (public) users are allowed to perform GET-operations on /structr/rest/SampleApplication which will load the public view
  • Non-authenticated (public) users are allowed to perform GET-operations on /structr/rest/SampleApplication/CustomView which will load the CustomView view
  • Authenticated users are allowed to perform both GET-operations as well
  • Authenticated users are allowed to perform POST operations on /structr/rest/SampleApplication which allows them to create instances of SampleApplication
  • Authenticated users are allowed to perform POSToperations on /structr/rest/SampleApplication/SampleMethod which allows them to call the custom method SampleMethod on instances of type SampleApplication.

Graph-Browser

Related Articles
About this article
Last change 2017-05-08
Topics RESTStructr 2.0