From ef853643a7dbbe0be0820b78d04d733234ad9061 Mon Sep 17 00:00:00 2001 From: Steven Winship <39765413+stevenwinship@users.noreply.github.com> Date: Mon, 7 Oct 2024 15:43:36 -0400 Subject: [PATCH] updated docs --- .../6467-optimize-permission-lookups-for-a-user.md | 2 +- doc/sphinx-guides/source/api/native-api.rst | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/release-notes/6467-optimize-permission-lookups-for-a-user.md b/doc/release-notes/6467-optimize-permission-lookups-for-a-user.md index 7cc3f56d762..f0f01089870 100644 --- a/doc/release-notes/6467-optimize-permission-lookups-for-a-user.md +++ b/doc/release-notes/6467-optimize-permission-lookups-for-a-user.md @@ -4,6 +4,6 @@ The following API have been added: This API lists the dataverses/collections that the user has access to via the permission passed. By passing "any" as the permission the list will return all dataverse/collections that the user can access regardless of which permission is used. -This API can be executed only by superusers. +This API can be executed only by the User requesting their own list of accessible collections or by Administrators. Valid Permissions are: AddDataverse, AddDataset, ViewUnpublishedDataverse, ViewUnpublishedDataset, DownloadFile, EditDataverse, EditDataset, ManageDataversePermissions, ManageDatasetPermissions, ManageFilePermissions, PublishDataverse, PublishDataset, DeleteDataverse, DeleteDatasetDraft, and "any" as a wildcard option. diff --git a/doc/sphinx-guides/source/api/native-api.rst b/doc/sphinx-guides/source/api/native-api.rst index da9823d81c2..8e9a9bf4be1 100644 --- a/doc/sphinx-guides/source/api/native-api.rst +++ b/doc/sphinx-guides/source/api/native-api.rst @@ -6019,7 +6019,7 @@ List Dataverse collections a user can act on based on a particular permission :: GET http://$SERVER/api/users/$identifier/allowedCollections/$permission -.. note:: This API can only be called by an Administrator +.. note:: This API can only be called by an Administrator or by a User requesting their own list of accessible collections. The ``$identifier`` is the username of the requested user. The ``$permission`` is the permission (tied to the roles) that gives the user access to the collection.