URL: http://GPUDB_IP_ADDRESS:GPUDB_PORT/has/permission

Checks if the specified user has the specified permission on the specified object.

Input Parameter Description

Name Type Description
principal string Name of the user for which the permission is being checked. Must be an existing user. If blank, will use the current user. The default value is ''.
object string Name of object to check for the requested permission. It is recommended to use a fully-qualified name when possible.
object_type string

The type of object being checked

Supported Values Description
credential Credential
datasink Data Sink
datasource Data Source
directory KiFS File Directory
graph A Graph object
proc UDF Procedure
schema Schema
sql_proc SQL Procedure
system System-level access
table Database Table
table_monitor Table monitor
permission string

Permission to check for.

Supported Values Description
admin Full read/write and administrative access on the object.
connect Connect access on the given data source or data sink.
delete Delete rows from tables.
execute Ability to Execute the Procedure object.
insert Insert access to tables.
read Ability to read, list and use the object.
update Update access to the table.
user_admin Access to administer users and roles that do not have system_admin permission.
write Access to write, change and delete objects.
options map of string to strings

Optional parameters. The default value is an empty map ( {} ).

Supported Parameters (keys) Parameter Description

If false will return an error if the provided input parameter object does not exist or is blank. If true then it will return false for output parameter has_permission. The default value is false. The supported values are:

  • true
  • false

Output Parameter Description

The GPUdb server embeds the endpoint response inside a standard response structure which contains status information and the actual response to the query. Here is a description of the various fields of the wrapper:

Name Type Description
status String 'OK' or 'ERROR'
message String Empty if success or an error message
data_type String 'has_permission_response' or 'none' in case of an error
data String Empty string
data_str JSON or String

This embedded JSON represents the result of the /has/permission endpoint:

Name Type Description
principal string Value of input parameter principal
object string Fully-qualified value of input parameter object
object_type string Value of input parameter object_type
permission string Value of input parameter permission
has_permission boolean

Indicates whether the specified user has the specified permission on the specified target.

Possible Values Description
true User has the effective queried permission
false User does not have the queried permission
filters map of string to strings Map of column/filters that have been granted.
info map of string to strings Additional information.

Empty string in case of an error.