Ctrlk

/api/v1/collection

Collections can store links to objects. It is possible to link other objects from fylr as well as foreign objects, unknown to fylr. Object links must be unique. Linked objects can be manually sorted.

POST /collection — Create or update a collection.

Create or update a collection.

post
  • The user needs BAG_CREATE in the parent collection to create a collection.
  • The user needs BAG_WRITE to update a collection.
  • The _owner is set to the owner of the parent.
  • To set _private_acl or _acl the user needs BAG_ACL.
  • New ACL items with send_email_notification will sent out and email.
  • An update is performed if the payload contains a _version greater 1.
  • Moving a collection to a new parent requires BAG_CREATE in the new parent and BAG_ACL in the current collection. When moving a collection, the owner is automatically set to the owner of the parent. This includes all child collections.
  • COLLECTION_INSERT / COLLECTION_UPDATE event is written.

Differs from easydb 5: the children_allowed flag is stored but has no effect. easydb 5 enforces it, rejecting an attempt "to create or move a collection under a collection that does not allow children" with the Collection Does Not Allow Children error; fylr raises no such error.

Authorizations
AuthorizationstringRequired

Access token in the Authorization header: Authorization: Bearer <token>.

Query parameters
allow_invalid_aclstring · booleanOptional

Allow storing the collection even if the owner doesn't have the necessary permissions for all objects to share the rights defined in the _acl property of the collection. The _invalid_acl flag will be set, if the user doesn't have sufficient permissions to share all objects of the collection. The user needs the permission BAG_ACL for the collection in order to use this parameter.

Differs from easydb 5: this confirmation is driven by the boolean allow_invalid_acl parameter. easydb 5 instead resolves the 202 confirmation with a collection_rights_policy query parameter; there is no allow_invalid_acl parameter in easydb 5.

background_invalid_aclstring · booleanOptional

If set, the invalid-ACL validity check (whether the collection owner may grant the rights of all linked objects) is not run inline. Instead a queued ACTION_COLLECTION_ACL_CHECK job is scheduled and the request returns immediately, before the check has resolved.

Header parameters
x-fylr-authorizationstringOptional

The access token in form of Bearer <token>. You can also use authorization which does the same. authorization is looked at first.

authorizationstringOptional

The access token in form of Bearer <token>.

Body
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

Responses
200

The response contains the collection created, including the issued _id.

application/json
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

PUT /collection — Create or update a collection.

Create or update a collection.

put
  • The user needs BAG_CREATE in the parent collection to create a collection.
  • The user needs BAG_WRITE to update a collection.
  • The _owner is set to the owner of the parent.
  • To set _private_acl or _acl the user needs BAG_ACL.
  • New ACL items with send_email_notification will sent out and email.
  • An update is performed if the payload contains a _version greater 1.
  • Moving a collection to a new parent requires BAG_CREATE in the new parent and BAG_ACL in the current collection. When moving a collection, the owner is automatically set to the owner of the parent. This includes all child collections.
  • COLLECTION_INSERT / COLLECTION_UPDATE event is written.

Differs from easydb 5: the children_allowed flag is stored but has no effect. easydb 5 enforces it, rejecting an attempt "to create or move a collection under a collection that does not allow children" with the Collection Does Not Allow Children error; fylr raises no such error.

Authorizations
AuthorizationstringRequired

Access token in the Authorization header: Authorization: Bearer <token>.

Query parameters
allow_invalid_aclstring · booleanOptional

Allow storing the collection even if the owner doesn't have the necessary permissions for all objects to share the rights defined in the _acl property of the collection. The _invalid_acl flag will be set, if the user doesn't have sufficient permissions to share all objects of the collection. The user needs the permission BAG_ACL for the collection in order to use this parameter.

Differs from easydb 5: this confirmation is driven by the boolean allow_invalid_acl parameter. easydb 5 instead resolves the 202 confirmation with a collection_rights_policy query parameter; there is no allow_invalid_acl parameter in easydb 5.

background_invalid_aclstring · booleanOptional

If set, the invalid-ACL validity check (whether the collection owner may grant the rights of all linked objects) is not run inline. Instead a queued ACTION_COLLECTION_ACL_CHECK job is scheduled and the request returns immediately, before the check has resolved.

Header parameters
x-fylr-authorizationstringOptional

The access token in form of Bearer <token>. You can also use authorization which does the same. authorization is looked at first.

authorizationstringOptional

The access token in form of Bearer <token>.

Body
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

Responses
200

The response contains the collection created, including the issued _id.

application/json
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

GET /collection/{collection_id} — Retrieve a collection.

Retrieve a collection.

get
  • The user needs BAG_READ to retrieve a collection.
Authorizations
AuthorizationstringRequired

Access token in the Authorization header: Authorization: Bearer <token>.

Path parameters
collection_idintegerRequired

The collection id of the collection to access.

Header parameters
x-fylr-authorizationstringOptional

The access token in form of Bearer <token>. You can also use authorization which does the same. authorization is looked at first.

authorizationstringOptional

The access token in form of Bearer <token>.

Responses
200

The response contains the collection.

application/json
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

POST /collection/{collection_id} — Update collection.

Update collection.

post
  • The user needs BAG_WRITE to update a collection.
  • Moving a collection to a new parent requires BAG_CREATE in the new parent and BAG_ACL in the current collection. When moving a collection, the owner is automatically set to the owner of the parent. This includes all child collections.
  • New ACL items with send_email_notification will sent out and email.
  • To set _private_acl or _aclthe user needs BAG_ACL.
  • COLLECTION_UPDATE event is written.
Authorizations
AuthorizationstringRequired

Access token in the Authorization header: Authorization: Bearer <token>.

Path parameters
collection_idintegerRequired

The collection id of the collection to access.

Query parameters
allow_invalid_aclstring · booleanOptional

Allow storing the collection even if the owner doesn't have the necessary permissions for all objects to share the rights defined in the _acl property of the collection. The _invalid_acl flag will be set, if the user doesn't have sufficient permissions to share all objects of the collection. The user needs the permission BAG_ACL for the collection in order to use this parameter.

Differs from easydb 5: this confirmation is driven by the boolean allow_invalid_acl parameter. easydb 5 instead resolves the 202 confirmation with a collection_rights_policy query parameter; there is no allow_invalid_acl parameter in easydb 5.

background_invalid_aclstring · booleanOptional

If set, the invalid-ACL validity check (whether the collection owner may grant the rights of all linked objects) is not run inline. Instead a queued ACTION_COLLECTION_ACL_CHECK job is scheduled and the request returns immediately, before the check has resolved.

Header parameters
x-fylr-authorizationstringOptional

The access token in form of Bearer <token>. You can also use authorization which does the same. authorization is looked at first.

authorizationstringOptional

The access token in form of Bearer <token>.

Body
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

Responses
200

The response contains the collection created, including the issued _id.

application/json
_basetypestring · enumOptionalPossible values:
_countnumber · int64Read-onlyOptional

The number of objects in this collection.

_count_recursivenumber · int64Read-onlyOptional

The number of objects in this collection and and all descendant collections (recursive).

_has_aclbooleanRead-onlyOptional

Flag that indicates that this collection has an active _acl (even if inherited).

_has_childrenbooleanRead-onlyOptional

Flag that inidicates if this collection has children. This flag is indpendent of the actual permissions of the user for that collection. So, if the user cannot access the only sub collection of this collection, the _has_children flag will still be set.

_has_remote_objectsbooleanRead-onlyOptional

Flag that inidicates if this collection contains at least one foreign collection object.

_levelbooleanRead-onlyOptional

Starting with 1, _level states the depth of the collection in the collection tree. The top level from the user's perspective is 3. The 1st level is the root collection, the 2nd level the user's top level collection which is a system collection and automatically created to hold all the user's collections underneath.

_private_aclbooleanOptional

Flag which indicates a private ACL. With this setting ACL from the parent are ignored (except for the items which set sticky.

_invalid_aclbooleanRead-onlyOptional

Collection can share permissions to other users. The owner of the collection must carry the grantable permission for each object in the collection in order to share the collection. fylr determines for the whole collection if sharing is allowed or not. If it is not allowed, the collection will be put in _invalid_acl: true state which disables the ACL attached to the collection.

_has_pinbooleanRead-onlyOptional

This flag indicates that the collection has a pin code. The actual pin code is only visible to system.root users and users with the BAG_ACL.

pin_okbooleanRead-onlyOptional

Flag to indicate that the pin was entered correctly for the current user. system.root and all users with the BAG_ACL permission will always see pin_ok.

_created_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was created.

_updated_atstring · RFC3339_dateRead-onlyOptional

Timestamp when this collection was updated.

DELETE /collection/{collection_id} — Delete collection. All child collections will be deleted too.

Delete collection. All child collections will be deleted too.

delete
  • The user needs BAG_DELETE for each collection to be deleted.
  • COLLECTION_DELETE event is written for each collection.
Authorizations
AuthorizationstringRequired

Access token in the Authorization header: Authorization: Bearer <token>.

Path parameters
collection_idintegerRequired

The collection id of the collection to access.

Header parameters
x-fylr-authorizationstringOptional

The access token in form of Bearer <token>. You can also use authorization which does the same. authorization is looked at first.

authorizationstringOptional

The access token in form of Bearer <token>.

Responses
200

Delete was successful.

application/json
PreviousEndpointsNext/list

Last updated