|
|
@@ -55,6 +55,8 @@ Call `GET /permissions` with your token to see what you have access to. This sho
|
|
|
}
|
|
|
}
|
|
|
},
|
|
|
+ "max_limit": 1000,
|
|
|
+ "max_where": 20,
|
|
|
"user_settings_access": "read-write-own"
|
|
|
}
|
|
|
```
|
|
|
@@ -73,6 +75,10 @@ Call `GET /permissions` with your token to see what you have access to. This sho
|
|
|
|
|
|
This way a client can see at a glance which toolkits they have access to, what group they are in for each one, what parts of json derulos body they can molest and what column level restrictions exist and by that effectively be able to decide what feature to show or not.
|
|
|
|
|
|
+**`max_limit`** the resolved maximum number of rows the user can request per query. comes from the users power level config (per-group `max_limit` in `jde_groups` or the power level config in security.toml) capped by `default_max_limit` in security config. Clients should use this to cap their own limit inputs and inform the user.
|
|
|
+
|
|
|
+**`max_where`** the resolved maximum number of WHERE conditions the user can use per query. same resolution as `max_limit` per group or per power level, capped by `default_max_where_conditions`. Clients can use this to limit filter complexity in their UI.
|
|
|
+
|
|
|
**`user_settings_access`** tells you what you can do with the [preferences](../admin/preferences.md) endpoint.
|
|
|
|
|
|
## How permissions should be resolved
|
