This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 13 Next »



Overview

The following operations allow you to work with Access Control List (ACL). Click an operation name to see details on how to use it.

OperationDescription
createAclCreates an access control rule.
deleteAclDeletes an access control rule.
getAclReturns an access control rule.
listAclReturns the rules in the access control list for the calendar.
patchAcl
Updates an access control rule. This method supports patch semantics.
 updateAclUpdates an access control rule.

For a sample proxy service that illustrates how to work with ACL, see  Sample configuration .

Operation details

Following is more information about each of the operations.

Creating an access control rule

To create an access control rule, use googlecalendar.createAcl and specify the relevant properties.

createAcl
<googlecalendar.createAcl>
     <calendarId>{$ctx:calendarId}</calendarId>
     <role>{$ctx:role}</role>
     <scope>{$ctx:scope}</scope>
     <fields>{$ctx:fields}</fields>
     <etag>{$ctx:etag}</etag>
     <id>{$ctx:id}</id>
     <kind>{$ctx:kind}</kind>
</googlecalendar.createAcl>
Properties
  • calendarId: Required - The calendar identifier.
  • role: Required - The role assigned to the scope.
  • scope: Required - The scope of the rule.
  • fields: Selector specifying which fields to include in a partial response.
  • etag: Etag of the resource.
  • id: Identifier of the ACL rule.
  • kind: Type of the resource.
Sample Request

Following is a sample REST request that can be handled by the createAcl operation.

Sample Request for createAcl
{
	"apiUrl":"https://www.googleapis.com",
	"accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr",
	"calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com",
	"fields":"etag,id,kind,role,scope",
	"kind": "calendar#aclRule",
	"etag": "ya29.1.AADtN_VTXJqi6S3XJpHi3TqyHe26BXh70i3hJAr-owIp--qk4sEp7iXsyiMi0PrxwgrZN84D",
	"id": "user:amsherihan@gmailcom",
	"scope": {
	    		"type": "user",
	    		"value": "amsherihan@gmailcom"
	  	    },
	"role": "reader"
}

Following is more information about the parameters in the sample request:

  • fields: The values that belong to an ACL resource such as etag, id, kind, role and scope. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example, scope/type can be specified to retrieve only the type value of a scope.
  • role: Possible values are as follows:
    • none: Provides no access.
    • freeBusyReader: Provides read access to free/busy information.
    • reader: Provides read access to the calendar. Private events will appear to users with reader access, but event details will be hidden.
    • writer: Provides read and write access to the calendar. Private events will appear to users with writer access, and event details will be visible.
    • owner: Provides ownership of the calendar. This role has all the permissions of the writer role with the additional ability to view and manipulate ACLs.
  • scope: Possible values are as follows:
    • type: Required - The type of the scope. Possible values are:
      • default - The public scope. This is the default value.
      • user - Limits the scope to a single user.
      • group - Limits the scope to a group.
      • domain - Limits the scope to a domain.

    Note

    The permission granted to the default scope type, which is also the public scope, applies to any user, authenticated or not.

    • value: Optional - The email address of a user or group, or the name of a domain, depending on the scope type. Omitted for the type default.
Related Google Calendar documentation

https://developers.google.com/google-apps/calendar/v3/reference/acl/insert

Deleting an access control rule

To deletes an access control rule, use googlecalendar.deleteAcl and specify the relevant properties.

deleteAcl
<googlecalendar.deleteAcl>
 	<calendarId>{$ctx:calendarId}</calendarId>
    <ruleId>{$ctx:ruleId}</ruleId>
</googlecalendar.deleteAcl>
Properties
  • calendarId: Required - The calendar identifier.
  • ruleId: Required - The ACL rule identifier.
Sample request

Following is a sample REST request that can be handled by the deleteAcl operation. 

Sample Request for deleteAcl
{
	"apiUrl":"https://www.googleapis.com",
	"accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH",
	"calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com",
	"ruleId":"user:amsherihan@gmailcom"
}
Related Google Calendar documentation:

https://developers.google.com/google-apps/calendar/v3/reference/acl/delete

Returning an access control rule

To return an access control rule, use googlecalendar.getAcl and specify the relevant properties.

getAcl
<googlecalendar.getAcl>
	<calendarId>{$ctx:calendarId}</calendarId>
    <ruleId>{$ctx:ruleId}</ruleId>
    <fields>{$ctx:fields}</fields>
</googlecalendar.getAcl>
Properties
  • calendarId: Required - The calendar identifier.
  • ruleId: Required - The ACL rule identifier.
  • fields: Selector specifying which fields to include in a partial response.
Sample request

Following is a sample REST request that can be handled by the getAcl operation.

Sample request for getAcl
 {
	"apiUrl":"https://www.googleapis.com",
	"accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH",
	"calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com",
	"ruleId":"user:abc@gmailcom",
	"fields":"etag,id,kind,role,scope"
}

Following is more information about the fields parameter in the sample request:

  • fields: The values that belong to an ACL resource such as etag, id, kind, role and scope. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example, scope/type can be specified to retrieve only the type value of a scope.
Related Google Calendar documentation

https://developers.google.com/google-apps/calendar/v3/reference/acl/get

Listing access control rules

To return the rules in the access control list for the calendar, use  googlecalendar.listAcl  and specify the relevant properties.

listAcl
<googlecalendar.listAcl>
	<calendarId>{$ctx:calendarId}</calendarId>
    <fields>{$ctx:fields}</fields>
</googlecalendar.listAcl>
Properties
  • calendarId: Required - Calendar identifier.
  • fields: Selector specifying which fields to include in a partial response.
Sample request

Following is a sample REST request that can be handled by the listAcl operation. 

Sample request for listAcl
 {
	"apiUrl":"https://www.googleapis.com",
	"accessToken":"ya29.1.AADtN_XF17wKmZyAKDOgH5IwwVODEun51mHUUaizoU5eM1evo3ntEFp1EODv_K9lmD7g9trH",
	"calendarId":"os6pbp1aj38ckstg69f6h6ji94@group.calendar.google.com",
	"fields":"kind,etag,items"
}

Following is more information about the fields parameter in the sample request:

  • fields: The values that belong to an ACL resource such as etag, id, kind, role and scope. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example, scope/type can be specified to retrieve only the type value of a scope.
Related Google Calendar documentation

https://developers.google.com/google-apps/calendar/v3/reference/acl/list

Updating an access control rule (Patch)

To update an access control rule, use  googlecalendar.patchAcl  and specify the relevant properties.

patchAcl
<googlecalendar.patchAcl>
     <calendarId>{$ctx:calendarId}</calendarId>
     <ruleId>{$ctx:ruleId}</ruleId>
     <fields>{$ctx:fields}</fields>
     <role>{$ctx:role}</role>
     <scope>{$ctx:scope}</scope>
     <etag>{$ctx:etag}</etag>
     <id>{$ctx:id}</id>
     <kind>{$ctx:kind}</kind>
</googlecalendar.patchAcl>
Properties
  • calendarId: Required - The calendar identifier.
  • ruleId: Required - The ACL rule identifier.
  • fields: The fields to include in a partial response.
  • role: The role assigned to the scope.
  • scope: The scope of the rule.
  • etag: Etag of the resource.
  • id: Identifier of the ACL rule.
  • kind: Type of the resource.
Sample request

Following is a sample REST request that can be handled by the patchAcl operation. 

Sample request for patchAcl
 {
	"apiUrl":"https://www.googleapis.com",
	"accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr",
	"calendarId":"os6pbp1aj38ckstg646ji94@group.calendar.google.com",
	"ruleId":"user:abc@gmail.com",
	"fields":"etag,id,kind,role,scope",	
	"etag": "uz4dSMPAwpogj1sIr_PP7Gm-AxY/MDAwMDEzOTUxNDI3NTM2NTEwMD",
	"id": "user:abc@gmailcom",
    "kind": "calendar#aclRule",
    "role": "writer",
	"scope": {
	    		"type": "user",
	    		"value": "abc@gmailcom"
	  	    }	
}

Following is more information about the parameters in the sample request:

  • fields: The values that belong to an ACL resource such as etag, id, kind, role and scope. If the field is an object, a forward slash (/) can be used to access the fields that are within the object. For example, scope/type can be specified to retrieve only the type value of a scope.
  • role: Possible values are as follows:
    • none - Provides no access.
    • freeBusyReader - Provides read access to free/busy information.
    • reader - Provides read access to the calendar. Private events will appear to users with reader access, but event details will be hidden.
    • writer - Provides read and write access to the calendar. Private events will appear to users with writer access, and event details will be visible.
    • owner - Provides ownership of the calendar. This role has all the permissions of the writer role with the additional ability to view and manipulate ACLs.
  • scope: The scope object contains two fields as described below.
    • type: Required - The type of the scope. Possible values are:
      • default - The public scope. This is the default value.
      • user - Limits the scope to a single user.
      • group - Limits the scope to a group.
      • domain - Limits the scope to a domain. 

    Note

    The permission granted to the default scope type, which is also the public scope, applies to any user, authenticated or not.

    • value: Optional - The email address of a user or group, or the name of a domain, depending on the scope type. Omitted for type "default".
Related Google Calendar documentation:

https://developers.google.com/google-apps/calendar/v3/reference/acl/patch

Updating an access control rule

To update an access control rule, use  googlecalendar.updateAcl  and specify the relevant properties.

updateAcl
<googlecalendar.updateAcl>
     <calendarId>{$ctx:calendarId}</calendarId>
     <ruleId>{$ctx:ruleId}</ruleId>
     <fields>{$ctx:fields}</fields>
     <role>{$ctx:role}</role>
     <scope>{$ctx:scope}</scope>
     <etag>{$ctx:etag}</etag>
     <id>{$ctx:id}</id>
     <kind>{$ctx:kind}</kind>
</googlecalendar.updateAcl>
Properties
  • calendarId: Required - The calendar identifier.
  • ruleId: Required - The ACL rule identifier.
  • fields: The fields to include in a partial response.
  • role: The role assigned to the scope.
  • scope: The scope of the rule.
  • etag: Etag of the resource.
  • id: Identifier of the ACL rule.
  • kind: Type of the resource.
Sample request

Following is a sample REST request that can be handled by the updateAcl operation.

Sample request for updateAcl
 {
    "apiUrl":"https://www.googleapis.com",
    "accessToken":"ya29.1.AADtN_U4D7QlpCENTskryzzoFr2WRAVlAkelqHt3MTgwgmtjES3WyyrabumPS9rUGD6mTPIr",
    "calendarId":"os6pbp1aj38ckstg646ji94@group.calendar.google.com",
    "ruleId":"user:abc@gmail.com",
    "fields":"etag,id,kind,role,scope", 
    "etag": "uz4dSMPAwpogj1sIr_PP7Gm-AxY/MDAwMDEzOTUxNDI3NTM2NTEwMD",
    "id": "user:abc@gmailcom",
    "kind": "calendar#aclRule",
    "role": "writer",
    "scope": {
                "type": "user",
                "value": "abc@gmailcom"
            }   
}
Related Google Calendar documentation:

https://developers.google.com/google-apps/calendar/v3/reference/acl/update

Sample configuration

Following is a sample proxy service that illustrates how to connect to Google Calendar with the init operation as well as how to use the createAcl operation to create an access control rule.

To view the sample request for this proxy, see sample request for the createAcl operation . You can use this sample as a template for using other operations in this category.

As a best practice, create a separate sequence for handling the response payload for errors. In the following sample, this sequence is faultHandlerSeq.

Sample Proxy
<proxy xmlns="http://ws.apache.org/ns/synapse"
       name="googlecalendar_createAcl"
       transports="https,http"
       statistics="disable"
       trace="disable"
       startOnLoad="true">
   <target>
      <inSequence onError="faultHandlerSeq">
         <property name="apiUrl" expression="json-eval($.apiUrl)"/>
         <property name="accessToken" expression="json-eval($.accessToken)"/>
         <property name="calendarId" expression="json-eval($.calendarId)"/>
         <property name="role" expression="json-eval($.role)"/>
         <property name="scope" expression="json-eval($.scope)"/>
         <property name="fields" expression="json-eval($.fields)"/>
         <property name="etag" expression="json-eval($.etag)"/>
         <property name="id" expression="json-eval($.id)"/>
         <property name="kind" expression="json-eval($.kind)"/>
         <googlecalendar.init>
            <apiUrl>{$ctx:apiUrl}</apiUrl>
            <accessToken>{$ctx:accessToken}</accessToken>
         </googlecalendar.init>
         <googlecalendar.createAcl>
            <calendarId>{$ctx:calendarId}</calendarId>
            <role>{$ctx:role}</role>
            <scope>{$ctx:scope}</scope>
            <fields>{$ctx:fields}</fields>
            <etag>{$ctx:etag}</etag>
            <id>{$ctx:id}</id>
            <kind>{$ctx:kind}</kind>
         </googlecalendar.createAcl>
         <respond/>
      </inSequence>
      <outSequence>
        <send/>
      </outSequence>
   </target>
   <description/>
</proxy>                           
  • No labels