Permissions API Documentation

Table of Contents

Retrieving Room Permissions
Related API

GET /api/v1/room-permissions/${roomId}

Purpose

Retrieves the permission set for the current user in a specific room. Permissions determine what actions the user is allowed to perform in the room (messaging, file uploads, intercom features, UI visibility, etc.).

Authentication

Required: Secure, HTTP-only session cookie
Unauthorized access returns a 401 error.

Request

Method: GET
URL Format: /api/v1/room-permissions/${roomId}
- roomId: Unique identifier of the room for which permissions are requested
Headers: None required
Cookies: Valid session cookie must be present

Response

Success (200 OK)

JSON response example:

{
    "httpStatusCode": 200,
    "roomPermissions": {
        "permissions": {
            "canAttachOrDeleteFilesInOwnMessagesInDiscussion": true,
            "canAttachOrDeleteFilesInOwnMessagesInMainThread": true,
            "canChangePropertiesOfUnrelatedIssues": true,
            "canCreateIssues": true,
            "canCreateMeetings": true,
            "canEditOrDeleteOwnMessagesInDiscussion": true,
            "canEditOrDeleteOwnMessagesInMainThread": true,
            "canIntercomListen": true,
            "canIntercomStreamVideo": true,
            "canIntercomTalk": true,
            "canIntercomWatchVideo": true,
            "canReactToMessagesWithEmojiInDiscussion": true,
            "canReactToMessagesWithEmojiInMainThread": true,
            "canRecordMeetings": true,
            "canSendFilesIntoRoomInDiscussion": true,
            "canSendFilesIntoRoomInMainThread": true,
            "canSendMessagesInDiscussion": true,
            "canSendMessagesInMainThread": true,
            "canSendNudge": true,
            "canShareScreen": true,
            "canUseIntercom": true,
            "uiCanSeeRoomSidebar": true,
            "uiCanSeeWhoReadMessageInDiscussion": true,
            "uiCanSeeWhoReadMessageInMainThread": true
        },
        "roomId": 3
    }
}

Explanation:

roomPermissions: Contains the permissions data for the room
- roomId: The unique identifier of the room
- permissions: An object listing various permission flags (true/false) indicating what actions the user can perform in the room

Permission Flags:

Messaging & Reactions:
- canSendMessagesInDiscussion: Whether the user can send messages within discussion threads
- canSendMessagesInMainThread: Whether the user can send messages in the main thread
- canEditOrDeleteOwnMessagesInDiscussion: Whether the user can edit or delete their own messages within discussion threads
- canEditOrDeleteOwnMessagesInMainThread: Whether the user can edit or delete their own messages in the main thread
- canReactToMessagesWithEmojiInDiscussion: Whether the user can react to messages with emojis in discussion threads
- canReactToMessagesWithEmojiInMainThread: Whether the user can react to messages with emojis in the main thread
Files & Attachments:
- canAttachOrDeleteFilesInOwnMessagesInDiscussion: Whether the user can attach or delete files in their own messages within discussion threads
- canAttachOrDeleteFilesInOwnMessagesInMainThread: Whether the user can attach or delete files in their own messages in the main thread
- canSendFilesIntoRoomInDiscussion: Whether the user can send files into the room within discussion threads
- canSendFilesIntoRoomInMainThread: Whether the user can send files into the room in the main thread
Intercom / Audio-Video:
- canUseIntercom: Whether the user can use intercom features in the room
- canIntercomListen: Whether the user can listen to intercom audio in the room
- canIntercomStreamVideo: Whether the user can stream video via intercom in the room
- canIntercomTalk: Whether the user can talk via intercom in the room
- canIntercomWatchVideo: Whether the user can watch intercom video in the room
- canShareScreen: Whether the user can share their screen in the room
Issue & Meeting Management:
- canCreateIssues: Whether the user can create new issues in the room
- canCreateMeetings: Whether the user can create meetings in the room
- canChangePropertiesOfUnrelatedIssues: Whether the user can change properties of issues they are not directly involved with
- canRecordMeetings: Whether the user can record meetings in the room
UI Permissions:
- uiCanSeeRoomSidebar: Whether the user can see the room sidebar in the UI
- uiCanSeeWhoReadMessageInDiscussion: Whether the user can see who has read messages in discussion threads
- uiCanSeeWhoReadMessageInMainThread: Whether the user can see who has read messages in the main thread
Other:
- canSendNudge: Whether the user can send nudges to other users in the room

Error (any HTTP error code)

JSON response example:

{
    "errorText": "Wrong Bearer, please renew Web API Access Token",
    "httpStatusCode": 401
}

Explanation:

errorText: Contains a description of the failure
httpStatusCode: HTTP status code reflects the error type (e.g., 401 for unauthorized, 500 for internal error)

Related API

Room API - retrieve room information
User API - retrieve user information
Messages API - retrieve and send messages
Comments API - retrieve and send comments on messages
Attachments API - manage message attachments

All available Web API calls

Authentication with token – suitable for individual requests
Authentication with a username and password – suitable for maintaining a session to send multiple requests
Login with username and password – suitable for individual requests
Logout the current user – terminate the current session
Getting user status – check the current user's authentication and session status
Users API – retrieve user information
Rooms API – retrieve room information
Messages API – retrieve and send messages
Comments API – retrieve and send comments on messages
Attachments API – manage message attachments
Events API – receive real-time updates about changes on the server
Permissions API – retrieve user permissions in rooms
Server Health API – check the health status of the Virola Server