REST API reference
Delete a SACL or DACL ACL
Suggest changes
-
PDF of this doc site
Collection of separate PDF docs
Creating your file...
DELETE /protocols/file-security/permissions/{svm.uuid}/{path}/acl/{user}
Introduced In: 9.9
Deletes the SACL/DACL ACL
Related ONTAP commands
-
vserver security file-directory ntfs dacl remove -
vserver security file-directory ntfs sacl remove
Parameters
| Name | Type | In | Required | Description |
|---|---|---|---|---|
path |
string |
path |
True |
path |
user |
string |
path |
True |
User Name |
return_timeout |
integer |
query |
False |
The number of seconds to allow the call to execute before returning. When doing a POST, PATCH, or DELETE operation on a single record, the default is 0 seconds. This means that if an asynchronous operation is started, the server immediately returns HTTP code 202 (Accepted) along with a link to the job. If a non-zero value is specified for POST, PATCH, or DELETE operations, ONTAP waits that length of time to see if the job completes so it can return something other than 202.
|
svm.uuid |
string |
path |
True |
UUID of the SVM to which this object belongs. |
Request Body
| Name | Type | Description |
|---|---|---|
access |
string |
Specifies whether the ACL is for DACL or SACL. The available values are:
|
apply_to |
Specifies where to apply the DACL or SACL entries. You can specify more than one value by using a comma-delimited list. |
|
ignore_paths |
array[string] |
Specifies that permissions on this file or directory cannot be replaced. |
propagation_mode |
string |
Specifies how to propagate security settings to child subfolders and files. This setting determines how child files/folders contained within a parent folder inherit access control and audit information from the parent folder. The available values are:
|
Example request
{
"access": "access_allow",
"ignore_paths": [
"/dir1/dir2/",
"/parent/dir3"
],
"propagation_mode": "propagate"
}Response
Status: 202, Accepted| Name | Type | Description |
|---|---|---|
job |
Example response
{
"job": {
"_links": {
"self": {
"href": "/api/resourcelink"
}
},
"uuid": "string"
}
}Error
Status: Default, Error| Name | Type | Description |
|---|---|---|
error |
Example error
{
"error": {
"arguments": {
"code": "string",
"message": "string"
},
"code": "4",
"message": "entry doesn't exist",
"target": "uuid"
}
}Definitions
See Definitions
apply_to
Specifies where to apply the DACL or SACL entries. You can specify more than one value by using a comma-delimited list.
| Name | Type | Description |
|---|---|---|
files |
boolean |
Apply to Files |
sub_folders |
boolean |
Apply to all sub-folders |
this_folder |
boolean |
Apply only to this folder |
acl_delete
Manages the DACLS or SACLS.
| Name | Type | Description |
|---|---|---|
access |
string |
Specifies whether the ACL is for DACL or SACL. The available values are:
|
apply_to |
Specifies where to apply the DACL or SACL entries. You can specify more than one value by using a comma-delimited list. |
|
ignore_paths |
array[string] |
Specifies that permissions on this file or directory cannot be replaced. |
propagation_mode |
string |
Specifies how to propagate security settings to child subfolders and files. This setting determines how child files/folders contained within a parent folder inherit access control and audit information from the parent folder. The available values are:
|
href
| Name | Type | Description |
|---|---|---|
href |
string |
_links
| Name | Type | Description |
|---|---|---|
self |
job_link
| Name | Type | Description |
|---|---|---|
_links |
||
uuid |
string |
The UUID of the asynchronous job that is triggered by a POST, PATCH, or DELETE operation. |
error_arguments
| Name | Type | Description |
|---|---|---|
code |
string |
Argument code |
message |
string |
Message argument |
error
| Name | Type | Description |
|---|---|---|
arguments |
array[error_arguments] |
Message arguments |
code |
string |
Error code |
message |
string |
Error message |
target |
string |
The target parameter that caused the error. |