User ID

Location /api/apps/{appID}/users/me/topics/{topicID}/acl/{ACLVerb}/UserID:{subjectUserID}
This resource represents a user that acts as a subject.

Request Headers (Applies to all methods)

Authorization
header
Required: Yes

GET

/api/apps/{appID}/users/me/topics/{topicID}/acl/{ACLVerb}/UserID:{subjectUserID}

Description

Check if the user has the permission to perform the specified verb on the target resource.

Security

The administrator can always perform this action.
For other users, the actors who can perform this action depend on the target resource:

  • User scope: the user.
  • Group scope: the group owner.
  • Thing scope: the thing or a thing owner.
  • Bucket: the scope owner.
  • Object: the scope owner and the object owner.
  • Topic: the scope owner and the topic creator.

Headers
Name Required? type Description
Authorization Yes string Authorization header. OAuth2 Bearer token
URL Params
Name Required? type Description
subjectUserID Yes string The userID
Responses
200

Content-Type application/vnd.kii.ACLSubjectRetrievalResponse+json

The user has the permission granted. The response is a JSON object containing the userID of this subject.
404

Content-Type application/vnd.kii.UserNotFoundException+json

The user was not found.
Contents
Name Type Description
errorCode string Error code "USER_NOT_FOUND".
message string The error message.
field string The field used for searching the user. This can be the userID or address field.
value string The field value used for searching the user.
appID string The ID of the application.
404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.
Contents
Name Type Description
errorCode string Error code "TOPIC_NOT_FOUND".
message string The error message.
topicID string The ID of the topic that is not found
objectScope ObjectScope The scope of the topic
appID string The ID of the application.
userID string The ID of the user. Only provided for a user-scope bucket.
groupID string The ID of the group. Only provided for a group-scope bucket.
thingID string The ID of the thing. Only provided for a thing-scope bucket.
type string One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".
401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to read the ACL of the target resource.
Contents
Name Type Description
errorCode string Error code "UNAUTHORIZED".
message string The error message.
authenticatedAppID string The authenticated appID.
authenticatedPrincipalID string The authenticated principal ID (userID or thingID).

PUT

/api/apps/{appID}/users/me/topics/{topicID}/acl/{ACLVerb}/UserID:{subjectUserID}

Description

Grant the permission to perform the specified verb on the target resource to the user.

Security

The administrator can always perform this action.
For other users, the actors who can perform this action depend on the target resource:

  • User scope: the user.
  • Group scope: the group owner.
  • Thing scope: the thing or a thing owner.
  • Bucket: the scope owner.
  • Object: the scope owner and the object owner.
  • Topic: the scope owner and the topic creator.

Note

This request requires an empty body.

Headers
Name Required? type Description
Authorization Yes string Authorization header. OAuth2 Bearer token
URL Params
Name Required? type Description
subjectUserID Yes string The userID
Responses
204

Content-Type (None)

The permission has been granted successfully to the user.
Note This response has no contents.
404

Content-Type application/vnd.kii.UserNotFoundException+json

The user was not found.
Contents
Name Type Description
errorCode string Error code "USER_NOT_FOUND".
message string The error message.
field string The field used for searching the user. This can be the userID or address field.
value string The field value used for searching the user.
appID string The ID of the application.
404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.
Contents
Name Type Description
errorCode string Error code "TOPIC_NOT_FOUND".
message string The error message.
topicID string The ID of the topic that is not found
objectScope ObjectScope The scope of the topic
appID string The ID of the application.
userID string The ID of the user. Only provided for a user-scope bucket.
groupID string The ID of the group. Only provided for a group-scope bucket.
thingID string The ID of the thing. Only provided for a thing-scope bucket.
type string One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".
401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to modify the ACL of the target resource.
Contents
Name Type Description
errorCode string Error code "UNAUTHORIZED".
message string The error message.
authenticatedAppID string The authenticated appID.
authenticatedPrincipalID string The authenticated principal ID (userID or thingID).
409

Content-Type application/vnd.kii.ACLAlreadyExistsException+json

The user already has the permission granted.
Contents
Name Type Description
errorCode string Error code "ACL_ALREADY_EXISTS".
message string The error message.

DELETE

/api/apps/{appID}/users/me/topics/{topicID}/acl/{ACLVerb}/UserID:{subjectUserID}

Description

Revoke the permission to perform the specified verb on the target resource from the user.

Security

The administrator can always perform this action.
For other users, the actors who can perform this action depend on the target resource:

  • User scope: the user.
  • Group scope: the group owner.
  • Thing scope: the thing or a thing owner.
  • Bucket: the scope owner.
  • Object: the scope owner and the object owner.
  • Topic: the scope owner and the topic creator.

Headers
Name Required? type Description
Authorization Yes string Authorization header. OAuth2 Bearer token
URL Params
Name Required? type Description
subjectUserID Yes string The userID
Responses
204

Content-Type (None)

The permission has been revoked successfully from the user.
Note This response has no contents.
404

Content-Type application/vnd.kii.UserNotFoundException+json

The user was not found.
Contents
Name Type Description
errorCode string Error code "USER_NOT_FOUND".
message string The error message.
field string The field used for searching the user. This can be the userID or address field.
value string The field value used for searching the user.
appID string The ID of the application.
404

Content-Type application/vnd.kii.TopicNotFoundException+json

The topic was not found.
Contents
Name Type Description
errorCode string Error code "TOPIC_NOT_FOUND".
message string The error message.
topicID string The ID of the topic that is not found
objectScope ObjectScope The scope of the topic
appID string The ID of the application.
userID string The ID of the user. Only provided for a user-scope bucket.
groupID string The ID of the group. Only provided for a group-scope bucket.
thingID string The ID of the thing. Only provided for a thing-scope bucket.
type string One of "APP", "APP_AND_USER", "APP_AND_GROUP", or "APP_AND_THING".
401

Content-Type application/vnd.kii.UnauthorizedAccessException+json

Not authorized to modify the ACL of the target resource.
Contents
Name Type Description
errorCode string Error code "UNAUTHORIZED".
message string The error message.
authenticatedAppID string The authenticated appID.
authenticatedPrincipalID string The authenticated principal ID (userID or thingID).
404

Content-Type application/vnd.kii.ACLNotFoundException+json

Failed to revoke because the user did not have the permission granted.
Contents
Name Type Description
errorCode string Error code "ACL_NOT_FOUND".
message string The error message.
409

Content-Type application/vnd.kii.OperationNotAllowedException+json

Cannot revoke an implicit ACL entry.
Contents
Name Type Description
errorCode string Error code "OPERATION_NOT_ALLOWED".
message string The error message.
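
Client-side handling of the responses documented above, as an added example (not code from this API's vendor). Several outcomes share a status code (three different 404s on DELETE, two meanings of 409), so the sketch keys on errorCode as well as status, and treats any undocumented combination as a failure. The names acl_path and interpret and the outcome labels are assumptions made for this example.

```python
import json
from urllib.parse import quote

PATH = "/api/apps/{}/users/me/topics/{}/acl/{}/UserID:{}"

def acl_path(app_id, topic_id, verb, subject_user_id):
    """Build the resource path; percent-encode each segment so a value
    containing '/', '?' or '#' cannot address a different resource."""
    parts = (app_id, topic_id, verb, subject_user_id)
    for p in parts:
        if p in ("", ".", ".."):
            raise ValueError(f"refusing path segment {p!r}")
    return PATH.format(*(quote(p, safe="") for p in parts))

# (method, status, errorCode) -> (outcome, does the caller's intended state hold?)
SPECIFIC = {
    ("GET", 200, None): ("granted", True),
    ("PUT", 204, None): ("granted", True),
    ("PUT", 409, "ACL_ALREADY_EXISTS"): ("already_granted", True),
    ("DELETE", 204, None): ("revoked", True),
    ("DELETE", 404, "ACL_NOT_FOUND"): ("already_absent", True),
    # The subject keeps the permission: never report this as a revocation.
    ("DELETE", 409, "OPERATION_NOT_ALLOWED"): ("implicit_entry_remains", False),
}
# Errors documented for all three methods.
COMMON = {
    (401, "UNAUTHORIZED"): "unauthorized",
    (404, "USER_NOT_FOUND"): "user_not_found",
    (404, "TOPIC_NOT_FOUND"): "topic_not_found",
}

def interpret(method, status, body=""):
    """Map a response to (outcome, ok); anything undocumented fails closed."""
    code = None
    if body:
        try:
            parsed = json.loads(body)
        except ValueError:
            return ("unexpected", False)
        code = parsed.get("errorCode") if isinstance(parsed, dict) else None
    key = (method.upper(), status, code)
    if key in SPECIFIC:
        return SPECIFIC[key]
    return (COMMON.get((status, code), "unexpected"), False)

if __name__ == "__main__":
    # Constructed sample values; EXAMPLE_VERB is a placeholder, not a real verb.
    print(acl_path("app1", "alerts", "EXAMPLE_VERB", "user/1"))
    print(interpret("DELETE", 409, '{"errorCode": "OPERATION_NOT_ALLOWED"}'))
```

A revocation workflow should log implicit_entry_remains separately from already_absent: in the first case the subject can still perform the verb, in the second the intended state already holds.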