The Space Role Object

An object that represents a space role. You can manage custom roles, and set permissions to stories, blocks, assets, and more.

Properties

• id number

  Numeric ID of a space role.

• allowed_paths number[]

  An array of story IDs that the role can access. If none is selected, all stories are accessible.

• blocked_paths number[]

  An array of story IDs that the role cannot access. If none is selected, all stories are accessible.

• resolved_allowed_paths string[]

  Slugs of the stories listed in allowed_paths.

• resolved_blocked_paths string[]

  Slugs of the stories listed in blocked_paths.

• allowed_field_permissions string[]

  An array of fields visible to this role (based on the block schema). If none is selected, all fields are visible.

• field_permissions string[]

  An array of fields hidden from this role (based on the block schema). If none is selected, all fields are visible.

• readonly_field_permissions string[]

  An array of read-only fields for this role (based on the block schema). If none is selected, users associated with this role can update all fields.

• permissions enum[]

  An array of strings that define the role’s permissions. The following table includes all supported parameters.

  Permission	Description
  read_stories	Read-only access to stories
  save_stories	Edit and save stories
  publish_stories	Publish stories
  unpublish_stories	Unpublish stories
  publish_folders	Publish folders (including stories contained within)
  unpublish_folders	Unpublish folders (including stories contained within)
  deploy_stories	Deploy pipeline stories
  delete_stories	Permanently delete stories
  allow_space_duplication	Can duplicate the space (learn more in the Duplicate space reference page)
  edit_image	Edit images in the Image Editor
  view_composer	Use the Visual Editor
  change_alternate_group	Change alternate content groupings (for internationalization or variants)
  move_story	Move stories between folders
  edit_story_slug	Edit a story URL
  force_release	A story must be part of a release (requires the Releases App)
  private_releases_full_access	Grant full access to any private release (requires the Releases App)
  view_content	If checked, hides all stories except those defined in allowed_paths (Permissions → Content → Folder/Content item permissions)
  view_folders	If checked, hides all folders except those defined in allowed_paths (Permissions → Content → Folder/Content item permissions)
  view_draft_json	View the draft JSON payload of stories
  view_published_json	View the published JSON payload of stories
  manage_tags	Create, edit, or delete tags
  edit_datasources	Edit datasources
  edit_datasource_keys	Edit datasources keys
  access_commerce	Access e-commerce features (if available)
  access_tasks	Access tasks (requires the Tasks App)
  execute_tasks	Trigger tasks (requires the Tasks App)
  create_tasks	Create new tasks (requires the Tasks App)
  delete_tasks	Delete existing tasks (requires the Tasks App)
  edit_tasks	Edit existing tasks (requires the Tasks App)
  restrict_dimensionsapp	Cannot access the Dimensions App functionalities (requires the Dimensions App)
  restrict_dimensionsapp_clone	Cannot perform a Clone action within the Dimensions App (requires the Dimensions App)
  restrict_dimensionsapp_overwrite	Cannot perform an Overwrite action within the Dimensions App (requires the Dimensions App)
  restrict_dimensionsapp_merge	Cannot perform a Merge action within the Dimensions App (requires the Dimensions App)
  manage_concepts	Create, edit, or delete concepts (if the Concept Room is enabled)
  manage_block_library	Create, move, and edit blocks and folders
  apply_to_block_subfolders	Apply block-related permissions to sub-items (folders and blocks)
  deny_uploading_assets	Cannot upload assets
  deny_editing_assets	Cannot edit assets
  deny_deleting_assets	Cannot delete assets
  deny_moving_assets	Cannot upload assets
  deny_creating_asset_folders	Cannot create new asset folders
  deny_updating_asset_folders	Cannot change existing asset folders
  deny_moving_asset_folders	Cannot move assets between folders
  deny_deleting_asset_folders	Cannot delete existing asset folders
  manage-non-translatable-fields	Edit non-translatable fields only in the default language
  deny_component_technical_name_update	Cannot change a block’s technical name
  deny_component_fields_name_update	Cannot change a field’s technical name
  hide_asset_folders	If checked, hides all assets and folders except those defined in asset_folder_ids (Permissions → Assets → Asset Folder Permissions)

• role string

  The name of the role. Can be admin, editor, or a custom role.

• subtitle string

  Description of the role.

• datasource_ids number[]

  An array of datasource IDs that the role can access. If none is selected, all datasources are accessible.

• blocked_datasource_ids number[]

  An array of datasource IDs that the role cannot access. If none is selected, all datasources are accessible.

• allowed_component_ids number[]

  An array of block (component) IDs that the role can add to the Visual Editor. If none is selected, users associated with this role can add all components.

• component_ids number[]

  An array of block (component) IDs that the role cannot add to the Visual Editor. If none is selected, users associated with this role can add all components.

• component_group_uuids string[]

  An array of block folders (component groups) UUIDs that the role can add to the Visual Editor. If none is selected, users associated with this role can add all component groups.

• blocked_component_group_uuids string[]

  An array of block folders (component groups) UUIDs that the role cannot add to the Visual Editor. If none is selected, users associated with this role can add all component groups.

• managed_component_ids number[]

  An array of block (component) IDs that the role can edit, duplicate, or delete. If none is selected, users associated with this role can manage all components.

• blocked_manage_component_ids number[]

  An array of block (component) IDs that the role cannot edit, duplicate, or delete. If none is selected, users associated with this role can manage all components.

• managed_component_group_uuids string[]

  An array of block folders (component groups) UUIDs that the role can edit, duplicate, or delete. If none is selected, users associated with this role can manage all block folders.

• blocked_manage_component_group_uuids string[]

  An array of block folders (component groups) UUIDs that the role cannot edit, duplicate, or delete. If none is selected, users associated with this role can manage all block folders.

• branch_ids number[]

  An array of pipeline IDs that the role can deploy. If none is selected, all pipelines are accessible.

• blocked_branch_ids number[]

  An array of pipeline IDs that the role cannot deploy. If none is selected, all pipelines are accessible.

• allowed_languages string[]

  An array of languages (represented by language codes) that the role can access. If none is selected, all languages are accessible.

• blocked_languages string[]

  An array of languages (represented by language codes) that the role cannot access. If none is selected, all languages are accessible.

• asset_folder_ids number[]

  An array of asset folders IDs that the role can access. If none is selected, all asset folders are accessible.

• blocked_asset_folder_ids number[]

  An array of asset folders IDs that the role cannot access. If none is selected, all asset folders are accessible.