Overview
The following operations allow you to work with Access Control List (ACL). Click an operation name to see details on how to use it.
Operation | Description |
---|---|
createAcl | Creates an access control rule. |
deleteAcl | Deletes an access control rule. |
getAcl | Returns an access control rule. |
listAcl | Returns the rules in the access control list for the calendar. |
patchAcl | Updates an access control rule. This method supports patch semantics. |
updateAcl | Updates an access control rule. |
For a sample proxy service that illustrates how to work with ACL, see Sample configuration .
Operation details
Following is more information about each of the operations.
Creating an access control rule
To create an access control rule, use googlecalendar.createAcl
and specify the relevant properties.
<googlecalendar.createAcl> <calendarId>{$ctx:calendarId}</calendarId> <role>{$ctx:role}</role> <scope>{$ctx:scope}</scope> <fields>{$ctx:fields}</fields> <etag>{$ctx:etag}</etag> <id>{$ctx:id}</id> <kind>{$ctx:kind}</kind> </googlecalendar.createAcl>
Properties
calendarId
: Required - The calendar identifier.role
: Required - The role assigned to the scope.scope
: Required - The scope of the rule.fields
: Selector specifying which fields to include in a partial response.etag
: Etag of the resource.id
: Identifier of the ACL rule.kind
: Type of the resource.
Sample Request
Following is a sample REST request that can be handled by the createAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr", "calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com", "fields":"etag,id,kind,role,scope", "kind": "calendar#aclRule", "etag": "ya29.1.AADtN_VTXJqi6S3XJpHi3TqyHe26BXh70i3hJAr-owIp--qk4sEp7iXsyiMi0PrxwgrZN84D", "id": "user:amsherihan@gmailcom", "scope": { "type": "user", "value": "amsherihan@gmailcom" }, "role": "reader" }
Following is more information about the parameters in the sample request:
fields
: The values that belong to an ACL resource such asetag
,id
,kind
,role
andscope
. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example,scope/type
can be specified to retrieve only the type value of a scope.role
: Possible values are as follows:none
: Provides no access.freeBusyReader
: Provides read access to free/busy information.reader
: Provides read access to the calendar. Private events will appear to users with reader access, but event details will be hidden.writer
: Provides read and write access to the calendar. Private events will appear to users with writer access, and event details will be visible.owner
: Provides ownership of the calendar. This role has all the permissions of the writer role with the additional ability to view and manipulate ACLs.
scope
: Possible values are as follows:type
: Required - The type of the scope. Possible values are:default
- The public scope. This is the default value.user
- Limits the scope to a single user.group
- Limits the scope to a group.domain
- Limits the scope to a domain.
Note
The permission granted to the
default
scope type, which is also the public scope, applies to any user, authenticated or not.value
: Optional - The email address of a user or group, or the name of a domain, depending on the scope type. Omitted for the typedefault
.
Related Google Calendar documentation
https://developers.google.com/google-apps/calendar/v3/reference/acl/insert
Deleting an access control rule
To deletes an access control rule, use googlecalendar.deleteAcl
and specify the relevant properties.
<googlecalendar.deleteAcl> <calendarId>{$ctx:calendarId}</calendarId> <ruleId>{$ctx:ruleId}</ruleId> </googlecalendar.deleteAcl>
Properties
calendarId
: Required - The calendar identifier.ruleId
: Required - The ACL rule identifier.
Sample request
Following is a sample REST request that can be handled by the deleteAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH", "calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com", "ruleId":"user:amsherihan@gmailcom" }
Related Google Calendar documentation:
https://developers.google.com/google-apps/calendar/v3/reference/acl/delete
Returning an access control rule
To return an access control rule, use googlecalendar.getAcl
and specify the relevant properties.
<googlecalendar.getAcl> <calendarId>{$ctx:calendarId}</calendarId> <ruleId>{$ctx:ruleId}</ruleId> <fields>{$ctx:fields}</fields> </googlecalendar.getAcl>
Properties
calendarId
: Required - The calendar identifier.ruleId
: Required - The ACL rule identifier.fields
: Selector specifying which fields to include in a partial response.
Sample request
Following is a sample REST request that can be handled by the getAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH", "calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com", "ruleId":"user:abc@gmailcom", "fields":"etag,id,kind,role,scope" }
Following is more information about the fields
parameter in the sample request:
fields
: The values that belong to an ACL resource such asetag
,id
,kind
,role
andscope
. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example,scope/type
can be specified to retrieve only the type value of a scope.
Related Google Calendar documentation
https://developers.google.com/google-apps/calendar/v3/reference/acl/get
Listing access control rules
To return the rules in the access control list for the calendar, use googlecalendar.listAcl
and specify the relevant properties.
<googlecalendar.listAcl> <calendarId>{$ctx:calendarId}</calendarId> <fields>{$ctx:fields}</fields> </googlecalendar.listAcl>
Properties
calendarId
: Required - Calendar identifier.fields
: Selector specifying which fields to include in a partial response.
Sample request
Following is a sample REST request that can be handled by the listAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH", "calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com", "fields":"kind,etag,items" }
Following is more information about the fields
parameter in the sample request:
fields
: The values that belong to an ACL resource such asetag
,id
,kind
,role
andscope
. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example,scope/type
can be specified to retrieve only the type value of a scope.
Related Google Calendar documentation
https://developers.google.com/google-apps/calendar/v3/reference/acl/list
Updating an access control rule (Patch)
To update an access control rule, use googlecalendar.patchAcl
and specify the relevant properties.
<googlecalendar.patchAcl> <calendarId>{$ctx:calendarId}</calendarId> <ruleId>{$ctx:ruleId}</ruleId> <fields>{$ctx:fields}</fields> <role>{$ctx:role}</role> <scope>{$ctx:scope}</scope> <etag>{$ctx:etag}</etag> <id>{$ctx:id}</id> <kind>{$ctx:kind}</kind> </googlecalendar.patchAcl>
Properties
calendarId
: Required - The calendar identifier.ruleId
: Required - The ACL rule identifier.fields
: The fields to include in a partial response.role
: The role assigned to the scope.scope
: The scope of the rule.etag
: Etag of the resource.id
: Identifier of the ACL rule.kind
: Type of the resource.
Sample request
Following is a sample REST request that can be handled by the patchAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr", "calendarId":"os6pbp1aj38ckstg646ji94@group.calendar.google.com", "ruleId":"user:abc@gmail.com", "fields":"etag,id,kind,role,scope", "etag": "uz4dSMPAwpogj1sIr_PP7Gm-AxY/MDAwMDEzOTUxNDI3NTM2NTEwMD", "id": "user:abc@gmailcom", "kind": "calendar#aclRule", "role": "writer", "scope": { "type": "user", "value": "abc@gmailcom" } }
Following is more information about the parameters in the sample request:
fields
: The values that belong to an ACL resource such asetag
,id
,kind
,role
andscope
. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example,scope/type
can be specified to retrieve only the type value of a scope.role
: Possible values are as follows:none
- Provides no access.freeBusyReader
- Provides read access to free/busy information.reader
- Provides read access to the calendar. Private events will appear to users with reader access, but event details will be hidden.writer
- Provides read and write access to the calendar. Private events will appear to users with writer access, and event details will be visible.owner
- Provides ownership of the calendar. This role has all the permissions of the writer role with the additional ability to view and manipulate ACLs.
scope
: The scope object contains two fields as described below.type
: Required - The type of the scope. Possible values are:default
- The public scope. This is the default value.user
- Limits the scope to a single user.group
- Limits the scope to a group.domain
- Limits the scope to a domain.
Note
The permission granted to the
default
scope type, which is also the public scope, applies to any user, authenticated or not.- value: Optional - The email address of a user or group, or the name of a domain, depending on the scope type. Omitted for type "default".
Related Google Calendar documentation:
https://developers.google.com/google-apps/calendar/v3/reference/acl/patch
Updating an access control rule
To update an access control rule, use googlecalendar.updateAcl
and specify the relevant properties.
<googlecalendar.updateAcl> <calendarId>{$ctx:calendarId}</calendarId> <ruleId>{$ctx:ruleId}</ruleId> <fields>{$ctx:fields}</fields> <role>{$ctx:role}</role> <scope>{$ctx:scope}</scope> <etag>{$ctx:etag}</etag> <id>{$ctx:id}</id> <kind>{$ctx:kind}</kind> </googlecalendar.updateAcl>
Properties
calendarId
: Required - The calendar identifier.ruleId
: Required - The ACL rule identifier.fields
: The fields to include in a partial response.role
: The role assigned to the scope.scope
: The scope of the rule.etag
: Etag of the resource.id
: Identifier of the ACL rule.kind
: Type of the resource.
Sample request
Following is a sample REST request that can be handled by the updateAcl
operation.
{ "apiUrl":"https://www.googleapis.com", "accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr", "calendarId":"os6pbp1aj38ckstg646ji94@group.calendar.google.com", "ruleId":"user:abc@gmail.com", "fields":"etag,id,kind,role,scope", "etag": "uz4dSMPAwpogj1sIr_PP7Gm-AxY/MDAwMDEzOTUxNDI3NTM2NTEwMD", "id": "user:abc@gmailcom", "kind": "calendar#aclRule", "role": "writer", "scope": { "type": "user", "value": "abc@gmailcom" } }
Related Google Calendar documentation:
https://developers.google.com/google-apps/calendar/v3/reference/acl/update
Sample configuration
Following is a sample proxy service that illustrates how to connect to Google Calendar with the init
operation as well as how to use the createAcl
operation to create an access control rule.
To view the sample request for this proxy, see sample request for the createAcl operation . You can use this sample as a template for using other operations in this category.
As a best practice, create a separate sequence for handling the response payload for errors. In the following sample, this sequence is faultHandlerSeq
.
<proxy xmlns="http://ws.apache.org/ns/synapse" name="googlecalendar_createAcl" transports="https,http" statistics="disable" trace="disable" startOnLoad="true"> <target> <inSequence onError="faultHandlerSeq"> <property name="apiUrl" expression="json-eval($.apiUrl)"/> <property name="accessToken" expression="json-eval($.accessToken)"/> <property name="calendarId" expression="json-eval($.calendarId)"/> <property name="role" expression="json-eval($.role)"/> <property name="scope" expression="json-eval($.scope)"/> <property name="fields" expression="json-eval($.fields)"/> <property name="etag" expression="json-eval($.etag)"/> <property name="id" expression="json-eval($.id)"/> <property name="kind" expression="json-eval($.kind)"/> <googlecalendar.init> <apiUrl>{$ctx:apiUrl}</apiUrl> <accessToken>{$ctx:accessToken}</accessToken> </googlecalendar.init> <googlecalendar.createAcl> <calendarId>{$ctx:calendarId}</calendarId> <role>{$ctx:role}</role> <scope>{$ctx:scope}</scope> <fields>{$ctx:fields}</fields> <etag>{$ctx:etag}</etag> <id>{$ctx:id}</id> <kind>{$ctx:kind}</kind> </googlecalendar.createAcl> <respond/> </inSequence> <outSequence> <send/> </outSequence> </target> <description/> </proxy>