Help Center/ CodeArts Repo/ API Reference/ APIs/ V4/ Project/ Obtaining the Permission Matrix of a Specified Permission Resource in the Code Group

Updated on 2026-01-27 GMT+08:00

View PDF

Obtaining the Permission Matrix of a Specified Permission Resource in the Code Group

Function

This API is used to obtain the permission matrix of a specified permission resource in the code group.

Note:

(a) Permission resource: an object that requires authentication in CodeArts Repo. Permission resources at the code group level: code group, repository, code, member, tag, MR and CR, and label. <Action + Permission resource > is a permission point. For example, create a repository, download code, and add a member. Permission point is the basic unit of CodeArts Repo authentication.

(b) Permission matrix: records the association between a role and permission points, that is, both the permissions a role has and those it lacks.

Debugging

You can debug this API through automatic authentication in API Explorer or use the SDK sample code generated by API Explorer.

Authorization Information

Each account root user has all the permissions required to call all APIs, but IAM users must be assigned the following required identity policy-based permissions. For details about the required permissions, see Permissions Policies and Supported Actions.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
codeartsrepo:group:getGroup	Read	-	-	-	-

URI

GET https://{hostURL}/v4/groups/{group_id}/permissions-resources/{resource_id}

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
group_id	Yes	Integer	Definition Repository group ID, which is the numeric ID next to Group ID on the repository group homepage. Default Value N/A Value range: 1~2147483647
resource_id	Yes	Integer	Definition Resource ID, which is the ID in the data obtained from the API for obtaining the repository group permission resource point list. Default Value N/A Value range: 1~2147483647

**Table 2** Query Parameters
Parameter	Mandatory	Type	Description
offset	No	Integer	Definition Offset, which starts from 0. Value range: 0~2147483647 Default value: 0
limit	No	Integer	Definition Number of returned records. Value range: 1~100 Default value: 20

Request Parameters

**Table 3** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Definition User token. Obtain one by calling the IAM API Obtaining a User Token. The value of X-Subject-Token in the response header is a token. Constraints N/A Range 1–100,000 characters. Default Value N/A

Response Parameters

Status code: 200

**Table 4** Response body parameters
Parameter	Type	Description
[items]	Array of PermissionDto objects	Definition Resource permission list.

**Table 5** PermissionDto
Parameter	Type	Description
order	Integer	Definition Order ID. Value range: 1~2147483647
role_id	String	Definition Role ID. Range 1–1,000 characters.
role_name	String	Definition Role name. Range 1–1,000 characters.
role_name_cn	String	Definition Role name in Chinese. Range 1–1,000 characters.
resource_permissions	PermissionMap object	Definition Association between a role and permission points. Whether a role can perform operations on permission points.

**Table 6** PermissionMap
Parameter	Type	Description
{User defined key}	Map<String,ResourcePermissionDto>	Definition Resource permission object. This API is used to record the permission point ID, name, and whether the role can perform operations on the permission point.

**Table 7** ResourcePermissionDto
Parameter	Type	Description
permission_id	Integer	Definition Record ID. Value range: 1~2147483647
action	String	Definition Operation. Range 1–1,000 characters.
display_name	String	Definition Operation name. Range 1–1,000 characters.
display_name_cn	String	Definition Operation name in Chinese. Range 1–1,000 characters.
enabled	Boolean	Definition Whether a role can perform operations on the permission point. Range Select true or false.
editable	Boolean	Definition Whether the role can edit the permission point. Range Select true or false.

Status code: 401

**Table 8** Response body parameters
Parameter	Type	Description
error_code	String	Definition Error code.
error_msg	String	Definition Error message.

Status code: 403

**Table 9** Response body parameters
Parameter	Type	Description
error_code	String	Definition Error code.
error_msg	String	Definition Error message.

Example Requests

GET https://{endpoint}/v4/groups/{group_id}/permissions-resources/{resource_id}?offset=0&limit=20

Example Responses

Status code: 200

This API is used to obtain the permission matrix of a specified permission resource in the code group.

[ {
  "order" : 1,
  "role_id" : "d4b6fd9af7e34b168de2fef683058f13",
  "role_name" : "Project manager",
  "role_name_cn" : "Project manager",
  "resource_permissions" : {
    "fork" : {
      "permission_id" : 2,
      "action" : "fork",
      "display_name" : "fork",
      "display_name_cn" : "fork",
      "enabled" : true,
      "editable" : true
    },
    "create" : {
      "permission_id" : 1,
      "action" : "create",
      "display_name" : "create",
      "display_name_cn" : "Create",
      "enabled" : true,
      "editable" : true
    },
    "delete" : {
      "permission_id" : 3,
      "action" : "delete",
      "display_name" : "delete",
      "display_name_cn" : "Delete",
      "enabled" : true,
      "editable" : true
    },
    "setting" : {
      "permission_id" : 30,
      "action" : "setting",
      "display_name" : "setting",
      "display_name_cn" : "Setting",
      "enabled" : true,
      "editable" : true
    }
  }
} ]

Status code: 401

Unauthorized

{
  "error_code" : "DEV.00000003",
  "error_msg" : "Authentication information expired."
}

Status code: 403

Bad Request

{
  "error_code" : "CH.004403",
  "error_msg" : "Insufficient permissions. Apply for the required permissions and try again."
}

Status Codes

Status Code	Description
200	This API is used to obtain the permission matrix of a specified permission resource in the code group.
401	Unauthorized
403	Bad Request

Error Codes

See Error Codes.

Parent topic: Project

Previous topic: Obtaining the List of Repository Groups and Repositories in a Project

Next topic: Obtaining Project Inheritance Settings

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.

Chatbot