rest api AML

Is it possible to send body with AML to rest api and get aml response?

I could create a method that accepts string and parse the aml and reply but not sure how that would apply on the rights (trying to get only the items the logged in user can see, not the items that the user under which the method will be called - assuming "credentials" are not forwarded)

  • You can pass in the AML and the IdentityName of that user and use the following code:

    var identityName = "Administrators";
    var identity = Aras.Server.Security.Identity.GetByName(identityName);
    bool permissionWasSet = false;
    try
    {
      permissionWasSet = Aras.Server.Security.Permissions.GrantIdentity(identity);
      return item.apply();
    }
    finally
    {
    if (permissionWasSet)
    {
      Aras.Server.Security.Permissions.RevokeIdentity(identity);
    }

  • hey thank you for the help! I was thinking more in the lines of having identity "persisted" since i need to execute code as the user calling it. We have requirement of keeping stuff secure as in ...users can only see what they can actually see. Strict rules:)