Permissions
Sachet offers a selection of permissions that can be assigned to users, which manage their access to certain endpoints.
Serialization
In Sachet’s JSON API, permissions are serialized as an array of string codes. These codes are documented in Table of permissions.
For instance, here is an example output for GET /users/user:
{
"permissions": [
"CREATE",
"DELETE",
"LIST",
"READ"
],
"register_date": "2023-05-08T18:57:27.982479",
"username": "user"
}
Table of permissions
The following is a table of permissions Sachet offers, and what they do:
Permission |
Code |
Description |
|---|---|---|
Create shares |
|
Allows uploading files to Sachet. |
Modify shares |
|
Allows users to modify their own shares’ contents and metadata. |
Delete shares |
|
Allows users to delete any share. |
Lock shares |
|
Allows users to lock and unlock shares (see Lock API). |
List shares |
|
Allows users to list all shares from all users. |
Read shares |
|
Allows users to read any share. |
Administration |
|
Allows creating users and managing their permissions. |
Whoami API
Information about the current user and their permissions can be obtained through this API.
GET /whoami will return a result like this:
{
"username": "user",
"permissions": ["READ", "CREATE"]
}
permissions will be serialized as in Serialization.
If the user is not currently signed in, username will be null.