This page was created because of
| Jira Legacy | ||||||||
|---|---|---|---|---|---|---|---|---|
|
...
| Endpoint | Error code | Error message |
|---|---|---|
| Initiate | 403 Forbidden | You do not have the following permission to perform this action: REQUISITION_CREATE |
| Update | You do not have the following permission to perform this action: REQUISITION_CREATE/REQUISITION_APPROVE/REQUISITION_AUTHORIZE (depends on requisition status) | |
| Submit | You do not have the following permission to perform this action: REQUISITION_CREATE | |
| Approve | You do not have the following permission to perform this action: REQUISITION_APPROVE | |
| Authorize | You do not have the following permission to perform this action: REQUISITION_AUTHORIZE | |
| Delete | You do not have the following permission to perform this action: REQUISITION_DELETE | |
| View | You do not have the following permission to perform this action: REQUISITION_VIEW |
How to check permission
The most easy way to check if the given user has the given permission is to use /users/{id}/hasRight endpoint. This endpoint returns a small object that contain only one bool property with the result. Also, because we need right ID we should use /rights/search endpoint to retrieve a correct right based on the provided name. In the first approach we could create/extend a service that will use those two endpoints and use it where it is needed (probably in Requisition Controller).
...