WebDAV Client Permissions

WebDav client permissions enable you to configure which API clients can access your WebDAV files. These permissions also give you fine-grained control over which directories each client can access. You configure these permissions in Business Manager by creating a JSON configuration document that conforms to the format described below.

Configuring WebDAV Client Permissions in Business Manager

To configure WebDAV client permissions:

  1. Select Administration > Organization > WebDAV Client Permissions.
  2. In the large text field, edit the JSON document configuration as described below.
  3. Click Save.

JSON Document Format

The following example shows the format of the JSON configuration document:

{  
   "clients":[  
      {  
         "client_id":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
         "permissions":[  
            {  
               "path":"/impex/src/foo",
               "operations":[  
                  "read_write"
               ]
            },
            {  
               "path":"/impex/src/logs",
               "operations":[  
                  "read"
               ]
            },
            {  
               "path":"/catalogs",
               "operations":[  
                  "read"
               ]
            }
         ]
      },
      {  
         "client_id":"aaaaaaaaaaaaaaaaaaaaaaaaaaaaab",
         "permissions":[  
            {  
               "path":"/impex/",
               "operations":[  
                  "read_write"
               ]
            }
         ]
      }
   ]
}

Configuration Document

Use this document to configure WebDAV client permissions for multiple client applications in the context of your organization.

Property Type Constraints Description
clients [Client] N/A Array of client-specific permission documents.

Client Document

Use this document to define WebDAV permissions for a client application.

Property Type Constraints Description
client_id String mandatory=true, nullable=false The client ID indicating the API client for which the permissions are configured.
permissions [Permissions] mandatory=true, nullable=false Array of directory-based permissions documents. Multiple permissions paths can't intersect each other; for example, the following two paths intersect and are therefore invalid: /impex/src and /impex/src/foo.

Permissions Document

Use this document to configure WebDAV permissions.

Property Type Constraints Description
path String mandatory=true, nullable=false. The path must begin with /impex, /catalogs, /dynamic, /libraries, /logs, or /static Directory for which the WebDav permission is granted, including all subdirectories. File-specific permissions are not permitted.
operation [String] mandatory=true, nullable=false, minItems=1

Array of operations granted on this directory. Possible values are read and read_write.

Read-only WebDAV commands are GET, OPTIONS, PROPFIND.

Read-write WebDAV commands are COPY, MOVE, DELETE, MKCOL, PUT, POST, PROPPATCH, ZIP, and UNZIP.

To use the COPY command, the client needs read permissions for the source directory and read_write permissions for the target directory. To use the MOVE command, the client needs read_write permissions for both the source and target directories.

Staging

You can replicate WebDAV client permissions to Production instances using the Global > WebDAV Client Permission option within the replication tasks (select Administration > Replication > Data Replication).

Import/Export

WebDAV client permissions can be exported by selecting Global Data > WebDAV Client Permissions in the import/export tree (select Administration > Site Development > Site Import & Export). The configuration file location within the generated .zip file is webdav/client_permissions.json.

Change History

Auditing will be turned on if Change History is enabled and Sites & Preferences is being audited. Change entries are tracked as organization type within the sites scope.