Object Ownership

Last Edit: Feb 02 2020

If applicable, ownership of the entity is taken into account. This parameter allows you to grant users the ability to edit their own messages while denying editing others’ messages. Permission policies are organized as list ordered by priority. A permission policy has the following fields:

Channel Type

The channel the policy applies to.

Name

The unique name for the policy (eg. "Channel member permissions").

Resources

The list of API resources the policy applies to. Policies can match one or more resources via their name or any resource by using the wildcard resource value “*”.

Roles

The list of roles the policy applies to. This value can be empty in the case the user role is not going to be taken into account.

Owner

Whether the policy should be applied to requested that alter an object owned by the requesting user. This field is either true or false.

Action

The action to apply to the API request once resources, roles, and action fields are matching. The two allowed values are: Allow and Deny.

Priority

The priority of the policy. Policies are evaluated ordered by their priority, this field allows you to create a stable order.