For drafts, reviews and page planning, it is possible to delegate printformer access control to the external system. To do this, the remoteAcl flag must be set to true during creation.

For example, if the user with the UserIdentifier CBDAajZb tries to open the draft with the DraftId  2c0b3d4664350f2ff5a2ac539aeacf0e, the printformer executes a request to the URL stored in the admin (Integrations > API-Keys > Client selection > API > Remote ACL URL) according to the following scheme:

Request

JSON-RequestBody printformer > external system

{
  "actions": [
    {
      "action": "editorView",
      "entityType": "draft",
      "entityIdentifier": "2c0b3d4664350f2ff5a2ac539aeacf0e",
      "userIdentifier": "CBDAajZb"
    }
  ]
}
CODE

Response

JSON-ResponseBody external system > printformer

{
  "actions": [
    {
      "action": "editorView",
      "entityType": "draft",
      "entityIdentifier": "2c0b3d4664350f2ff5a2ac539aeacf0e",
      "userIdentifier": "CBDAajZb",
      "allowAction": true
    }
  ]
}
CODE

  • The request is sent with the HTTP method POST and the Content-Type header application/json 

  • The difference between request and response should only be the addition of the allowAction value to the actions

  • A request-response cycle can be used to check the access rights of different users to different entities

  • If the allowAction value is missing in the response or an error occurs, the check is always evaluated negatively.

Actions per EntityType

EntityType

Action

draft
CODE 
editorView
CODE

Opening a draft in the editor

draft
CODE 
editorUpdate
CODE

Changing a draft in the editor

review

view

Opening a review

review

finish

Reviewer marks review as finished

review

end

Finishing a review