Include user rights in REST API endpoint for pages

Last modified by Pierre Jeanjean on 2026/03/23 17:05

Description

Requirements

  • When a user fetches a page through the REST API, include its rights so that a UI displaying the page's content can enable/disable features accordingly
  • Make it optional

Definition

Endpoints

These are existing endpoints, where the only change is the addition of a query parameter to add this feature (in bold).

/wikis/{wikiName}/spaces/{spaceName}[/spaces/{nestedSpaceName}]*/pages/{pageName}[?prettyNames={true,false}&objects={true,false}&class={true,false}&attachments={true,false}&minorRevision={true,false}[&checkRight={rightName}]*]

  • HTTP Method: GET
    • Media types:
      • application/xml (Page element)
    • Query parameters
      • prettyNames: also return the pretty name for various document information (like the author display name, etc). Disabled by default.
      • objects: [since 7.3M1] also return the objects. Disabled by default.
      • class: [since 7.3M1] also return the class. Disabled by default.
      • attachments: [since 7.3M1] also return the attachments metadatas. Disabled by default.
      • checkRight: also return whether the user has the right {rightName} on the page. Multiple checks can be requested. Empty by default.
    • Description: 
    • Status codes:
      • 200: If the request was successful.
      • 401: If the user is not authorized.

Examples

A user with comment rights and without edit rights on the page xwiki:Main.WebHome fetches it with:

GET /wikis/xwiki/spaces/Main/pages/WebHome?checkRight=comment&checkRight=edit

The returned resource would include the following:

<right name="comment">true</right>
<right name="edit">false</right>

 


Get Connected