All of the endpoints in the ACL REST API are inherited from the PersistedModel REST API.  The reference is provided here for convenience.

By default, the ACL REST API is not exposed. To expose it, add the following to models.json:

"acl": {
    "public": true,
    "options": {
      "base": "ACL"
    },
    "dataSource": "db"
  },

Quick reference

URI Pattern

HTTP VerbDefault PermissionDescriptionArguments

/acls

 

POSTAllow

Add ACL instance and persist to data source. Inherited from generic model API.

JSON object (in request body)
/aclsGETDenyFind all instances of ACLs that match specified filter. Inherited from generic model API .

One or more filters in query parameters:

  • where
  • include
  • order
  • limit
  • skip / offset
  • fields
/aclsPUTDenyUpdate / insert ACL instance and persist to data source. Inherited from generic model API .JSON object (in request body)
/acls/idGETDenyFind ACLs by ID: Return data for the specified acls instance ID. Inherited from generic model API .id, the ACL instance ID (in URI path)
/acls/idPUTDenyUpdate attributes for specified acls ID and persist. Inherited from generic model API .

Query parameters:

  • data - An object containing property name/value pairs
  • id - The model id
/acls/idDELETEDenyDelete ACLs with specified instance ID. Inherited from generic model API .id, acls ID (in URI path)
/acls/id/existsGETDeny

Check instance existence: Return true if specified acls ID exists. Inherited from generic model API .

URI path:

  • id - Model instance ID
/acls/countGETDeny

Return the number of ACL instances that matches specified where clause. Inherited from generic model API.

Where filter specified in query parameter
/acls/findOneGETDeny

Find first ACL instance that matches specified filter. Inherited from generic model API .

Same as Find matching instances.