Open AshleySetter opened 3 years ago
Hi
- If I have read and write access I can't add read access.
This is probably because the access you have is via a group membership ("grp": "a",
). I can't recall the reason off the top of my head (if there is one) but permissions as a result of group membership aren't transitive, as it were. I'll look into why this might be and update the documentation.
You should however be able to add other people to the group and subsequently remove them.
- If I additionally have a separate read access to a resource I can add access to others, but I can't revoke that access.
I think this will work if you specify the full addedBy
path, e.g. "ivan@nquiringminds.com/tdx.nqm-2.com,r1eFXRroHw,ash@nquiringminds.com/tdx.nqm-2.com"
Ok, thanks for the explanation.
Your right, I can remove access if I specify the full addedBy path like so:
api.removeResourceAccess("B1eP_5Q4vw", "anthony@nquiringminds.com/tdx.nqm-2.com", "ivan@nquiringminds.com/tdx.nqm-2.com,r1eFXRroHw,ash@nquiringminds.com/tdx.nqm-2.com", "B1eP_5Q4vw", ['r'])
.
Should it not require just one of the identities in the added by path to remove access?
I've found a couple of issues with adding/removing resource access.
1) If I have read and write access I can't add read access.
2) If I additionally have a separate read access to a resource I can add access to others, but I can't revoke that access.