Carbonio SOAP API Reference 24.9.5_ZEXTRAS

Command: GrantRight
Namespace: urn:zimbraAdmin
Description: Grant a right on a target to an individual or group grantee.

Properties:

Authorization token required	true
Admin Authorization token required	true

GrantRightRequest

    <GrantRightRequest> ## GrantRightRequest
        <target
                   type="{target-type} (account | calresource | cos | dl | group | domain | server | xmppcomponent | zimlet | config | global)"
                   [by="{target-selector-by} (id | name)"]>{value}</target> ## EffectiveRightsTargetSelector
        <grantee [type="{grantee-type} (usr | grp | egp | all | dom | edom | gst | key | pub | email)"]
                    [by="{grantee-selector-by} (id | name)"] [secret="{secret}"] [all="{all-flag} (0|1)"]>{key}</grantee> ## GranteeSelector
        <right [deny="{deny-flag} (0|1)"] [canDelegate="{can-delegate-flag} (0|1)"]
                  [disinheritSubGroups="{disinheritSubGroups-flag} (0|1)"] [subDomain="{subdomain-flag} (0|1)"]>{value}</right> ## RightModifierInfo
    </GrantRightRequest>

elements and attributes you can define within a <GrantRightRequest> element:

XPath

Required / Optional

Description

/target

Required (only 1)

Type: {value}
Target selector
Description for element text content:The key used to identify the target. Meaning determined by {target-selector-by}

/target@type

Required (only 1)

/target@by

Optional (0 or 1)

Type: id | name
Select the meaning of {target-selector-key}

/grantee

Required (only 1)

Type: {key}
Grantee selector
Description for element text content:The key used to identify the grantee. Meaning determined by {grantee-selector-by}

/grantee@type

Optional (0 or 1)

Type: usr | grp | egp | all | dom | edom | gst | key | pub | email
Grantee type

usr	Zimbra User
grp	Zimbra Group (distribution list)
egp	an external AD group
dom	Zimbra domain
edom	non-Zimbra domain (used with sendToDistList right)
all	all authenticated users
gst	non-Zimbra email address and password
key	external user with accesskey
pub	public authenticated and unauthenticated access
email	Pseudo grantee type. Granting code will map to usr/grp/egp or gst

/grantee@by

Optional (0 or 1)

Type: id | name
Select the meaning of {grantee-selector-key}

/grantee@secret

Optional (0 or 1)

Type: String
Password for guest grantee or the access key for key grantee For user right only

/grantee@all

Optional (0 or 1)

Type: 0|1
For GetGrantsRequest, selects whether to include grants granted to groups the specified grantee belongs to. Default is 1 (true)

/right

Required (only 1)

Type: {value}
Right
Description for element text content:Value is of the form : {right-name} | {inline-right} where
{right-name} = a system defined right name
{inline-right} = {op}.{target-type}.{attr-name}
{op} = set | get
{attr-name} = a valid attribute name on the specified target type

/right@deny

Optional (0 or 1)

Type: 0|1
Deny flag - default is 0 (false)

/right@canDelegate

Optional (0 or 1)

Type: 0|1
Flag whether can delegate - default is 0 (false)

/right@disinheritSubGroups

Optional (0 or 1)

Type: 0|1
disinheritSubGroups flag - default is 0 (false)

/right@subDomain

Optional (0 or 1)

Type: 0|1
subDomain flag - default is 0 (false)

Service: zimbraAdmin

GrantRightRequest

GrantRightResponse