Remote ACL | risscore

For drafts, reviews and page planning, it is possible to delegate printformer access control to the external system. To do this, the remoteAcl flag must be set to true during creation.

For example, if the user with the UserIdentifier CBDAajZb tries to open the draft with the DraftId 2c0b3d4664350f2ff5a2ac539aeacf0e, the printformer executes a request to the URL stored in the admin (Integrations > API-Keys > Client selection > API > Remote ACL URL) according to the following scheme:

Request

JSON-RequestBody printformer > external system

{
  "actions": [
    {
      "action": "editorView",
      "entityType": "draft",
      "entityIdentifier": "2c0b3d4664350f2ff5a2ac539aeacf0e",
      "userIdentifier": "CBDAajZb"
    }
  ]
}

Response

JSON-ResponseBody external system > printformer

{
  "actions": [
    {
      "action": "editorView",
      "entityType": "draft",
      "entityIdentifier": "2c0b3d4664350f2ff5a2ac539aeacf0e",
      "userIdentifier": "CBDAajZb",
      "allowAction": true
    }
  ]
}

The request is sent with the HTTP method POST and the Content-Type header application/json
The difference between request and response should only be the addition of the allowAction value to the actions
A request-response cycle can be used to check the access rights of different users to different entities
If the allowAction value is missing in the response or an error occurs, the check is always evaluated negatively.

Actions per EntityType

EntityType	Action
`draft`	`editorView`	Opening a draft in the editor
`draft`	`editorUpdate`	Changing a draft in the editor
`review`	`view`	Opening a review
`review`	`finish`	Reviewer marks review as finished
`review`	`end`	Finishing a review