Magnolia 5.6 reached end of life on June 25, 2020. This branch is no longer supported, see End-of-life policy.
...
HTTP method | URI security required | JCR access security | Specific role based security | |
---|---|---|---|---|
delivery | GET | /.rest/delivery/v1/{workspace}/{path} | read access for a path on a workspace | - |
nodes | GET | /.rest/nodes/v1/{workspace}/{path} | read access for a path on a workspace | - |
PUT | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
POST | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
DELETE | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
properties | GET | /.rest/nodes/v1/{workspace}/{path} | read access for a path on a workspace | - |
PUT | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
POST | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
DELETE | /.rest/nodes/v1/{workspace}/{path} | read&write access for a path on a workspace | - | |
commands | POST | /.rest/commands/v2/{catalogName}/{command} | - | required |
<EOF: note from chm>
...
The REST module installs a rest
role which has the permission to issue requests to the nodes
and properties
endpoints by default.<I recommend describing the purpose of the 3 rest roles below.>four default roles with the following permissions:
Multiexcerpt include | ||||||
---|---|---|---|---|---|---|
|
The superuser
account The superuser account has the rest-admin
role by default so you can use superuser to test your requests. However, for production use you should create a dedicated account for custom REST role. The anonymous
account role is specifically denied access to the REST endpoints.
We recommend to Magnolia recommends you create custom rest REST roles which grant granting specific access for specific use cases - but not more..
Todo | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
To be further specified into
|
...
|
Include Page | ||||
---|---|---|---|---|
|
Note |
---|
...
You can make sweeping changes with commands, such as bypassing approval and deleting the whole site. Commands are therefore subject to a special security restrictions. |
To enable the use of commands through REST:
rest-admin
role a permission to the issue to issue requests to the commands
endpoint. Permission to the endpoint is denied by default. Add a new rule./modules/rest-services/rest-endpoints/commands/enabledCommands
....