Skip to main content
Call this API to remove user permissions from a Knowledge Base, Knowledge Base node, or Drive file, based on the file UUID, operator unionId, and permission ID.

Request

Basic information

FieldValue
HTTP URLhttps://api.dingtalk.io/v2.0/storage/spaces/dentries/{dentryUuid}/permissions/remove
HTTP MethodPOST
Supported app typeappType-Internal app
Permission scopepermission-Storage.Permission.Write-Write permission for organization storage authorization information

Request header

NameTypeRequiredDescription
x-acs-dingtalk-access-tokenStringYesThe access credential for calling this API. To obtain the value, call the Get the access token of an internal app API.

Path parameter

NameTypeRequiredDescription
dentryUuidStringYesThe file UUID. To obtain this value, call the File Search API or the Get dentryUuid API, and read the dentryUuid field from the response.

Query parameter

NameTypeRequiredDescription
unionIdStringYesThe user unionId.

Request body

NameTypeRequiredDescription
roleIdStringYesThe role ID. Enum values: - OWNER: Owner. Includes the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - PermissionPrivilegeEnum.DELETE - PermissionPrivilegeEnum.MODIFY - PermissionPrivilegeEnum.COPY - PermissionPrivilegeEnum.RENAME - PermissionPrivilegeEnum.READ_PERMISSION - PermissionPrivilegeEnum.WRITE_PERMISSION - PermissionPrivilegeEnum.ASSIGN - MANAGER: Manager. Includes the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - PermissionPrivilegeEnum.DELETE - PermissionPrivilegeEnum.MODIFY - PermissionPrivilegeEnum.COPY - PermissionPrivilegeEnum.RENAME - PermissionPrivilegeEnum.READ_PERMISSION - PermissionPrivilegeEnum.WRITE_PERMISSION - EDITOR: Editor. Includes the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - DOWNLOADER: Viewer with download permission. Includes the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.DOWNLOAD - READER: View-only. Includes the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW
membersArrayYesThe list of permission members. Up to 30 members are supported.
typeStringYesThe type of the permission member. Enum values: - ORG: Organization - DEPT: Department - TAG: Custom tag - CONVERSATION: Chat - USER: User
idStringYesThe ID of the permission member: - When type=ORG, the value is the organization ID. - When type=DEPT, the value is the department ID. - When type=TAG, the value is the tag ID. - When type=CONVERSATION, the value is the chat ID. - When type=USER, the value is the employee userId.
corpIdStringNoThe organization to which the permission belongs. - If an organization ID is provided, the permission is automatically removed when the corresponding member leaves the organization. - If memberType is dept, the organization ID is required.

Request example

HTTP 
POST /v2.0/storage/spaces/dentries/EpGBaxxxxgN7R35y/permissions/remove?unionId=tXguNxxxxiE HTTP/1.1
Host:api.dingtalk.io
x-acs-dingtalk-access-token:access_token
Content-Type:application/json

{
  "roleId" : "MANAGER",
  "members" : [ {
    "type" : "USER",
    "id" : "01472825524039877041",
    "corpId" : "ding16b241fd05********288"
  } ]
}
Java 
package com.aliyun.sample;

import com.aliyun.tea.*;

public class Sample {

    /**
     * <b>description</b> :
     * <p>Initialize the account Client using a token</p>
     * @return Client
     * 
     * @throws Exception
     */
    public static com.aliyun.dingtalkstorage_2_0.Client createClient() throws Exception {
        com.aliyun.teaopenapi.models.Config config = new com.aliyun.teaopenapi.models.Config();
        config.protocol = "https";
        config.regionId = "central";
        return new com.aliyun.dingtalkstorage_2_0.Client(config);
    }

    public static void main(String[] args_) throws Exception {
        
        com.aliyun.dingtalkstorage_2_0.Client client = Sample.createClient();
        com.aliyun.dingtalkstorage_2_0.models.DeletePermissionHeaders deletePermissionHeaders = new com.aliyun.dingtalkstorage_2_0.models.DeletePermissionHeaders();
        deletePermissionHeaders.xAcsDingtalkAccessToken = "<your access token>";
        com.aliyun.dingtalkstorage_2_0.models.DeletePermissionRequest.DeletePermissionRequestMembers members0 = new com.aliyun.dingtalkstorage_2_0.models.DeletePermissionRequest.DeletePermissionRequestMembers()
                .setType("USER")
                .setId("01472825524039877041")
                .setCorpId("ding16b241fd05********288");
        com.aliyun.dingtalkstorage_2_0.models.DeletePermissionRequest deletePermissionRequest = new com.aliyun.dingtalkstorage_2_0.models.DeletePermissionRequest()
                .setUnionId("tXguNxxxxiE")
                .setRoleId("MANAGER")
                .setMembers(java.util.Arrays.asList(
                    members0
                ));
        try {
            client.deletePermissionWithOptions("EpGBaxxxxgN7R35y", deletePermissionRequest, deletePermissionHeaders, new com.aliyun.teautil.models.RuntimeOptions());
        } catch (TeaException err) {
            if (!com.aliyun.teautil.Common.empty(err.code) && !com.aliyun.teautil.Common.empty(err.message)) {
                // err contains the code and message Attribute, which can help with troubleshooting
            }

        } catch (Exception _err) {
            TeaException err = new TeaException(_err.getMessage(), _err);
            if (!com.aliyun.teautil.Common.empty(err.code) && !com.aliyun.teautil.Common.empty(err.message)) {
                // err contains the code and message Attribute, which can help with troubleshooting
            }

        }        
    }
}
Python 
# -*- coding: utf-8 -*-
# This file is auto-generated, don't edit it. Thanks.
import os
import sys
import json

from typing import List

from alibabacloud_dingtalk.storage_2_0.client import Client as dingtalkstorage_2_0Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_dingtalk.storage_2_0 import models as dingtalkstorage__2__0_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient

class Sample:
    def __init__(self):
        pass

    @staticmethod
    def create_client() -> dingtalkstorage_2_0Client:
        """
        Initialize the account Client using a token
        @return: Client
        @throws Exception
        """
        config = open_api_models.Config()
        config.protocol = 'https'
        config.region_id = 'central'
        return dingtalkstorage_2_0Client(config)

    @staticmethod
    def main(
        args: List[str],
    ) -> None:
        client = Sample.create_client()
        delete_permission_headers = dingtalkstorage__2__0_models.DeletePermissionHeaders()
        delete_permission_headers.x_acs_dingtalk_access_token = '<your access token>'
        members_0 = dingtalkstorage__2__0_models.DeletePermissionRequestMembers(
            type='USER',
            id='01472825524039877041',
            corp_id='ding16b241fd05********288'
        )
        delete_permission_request = dingtalkstorage__2__0_models.DeletePermissionRequest(
            union_id='tXguNxxxxiE',
            role_id='MANAGER',
            members=[
                members_0
            ]
        )
        try:
            client.delete_permission_with_options('EpGBaxxxxgN7R35y', delete_permission_request, delete_permission_headers, util_models.RuntimeOptions())
        except Exception as err:
            if not UtilClient.empty(err.code) and not UtilClient.empty(err.message):
                # err contains the code and message Attribute, which can help with troubleshooting
                pass

    @staticmethod
    async def main_async(
        args: List[str],
    ) -> None:
        client = Sample.create_client()
        delete_permission_headers = dingtalkstorage__2__0_models.DeletePermissionHeaders()
        delete_permission_headers.x_acs_dingtalk_access_token = '<your access token>'
        members_0 = dingtalkstorage__2__0_models.DeletePermissionRequestMembers(
            type='USER',
            id='01472825524039877041',
            corp_id='ding16b241fd05********288'
        )
        delete_permission_request = dingtalkstorage__2__0_models.DeletePermissionRequest(
            union_id='tXguNxxxxiE',
            role_id='MANAGER',
            members=[
                members_0
            ]
        )
        try:
            await client.delete_permission_with_options_async('EpGBaxxxxgN7R35y', delete_permission_request, delete_permission_headers, util_models.RuntimeOptions())
        except Exception as err:
            if not UtilClient.empty(err.code) and not UtilClient.empty(err.message):
                # err contains the code and message Attribute, which can help with troubleshooting
                pass

if __name__ == '__main__':
    Sample.main(sys.argv[1:])
PHP 
<?php

// This file is auto-generated, don't edit it. Thanks.
namespace AlibabaCloud\SDK\Sample;

use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Dingtalk;
use \Exception;
use AlibabaCloud\Tea\Exception\TeaError;
use AlibabaCloud\Tea\Utils\Utils;

use Darabonba\OpenApi\Models\Config;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\DeletePermissionHeaders;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\DeletePermissionRequest\members;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\DeletePermissionRequest;
use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;

class Sample {

    /**
     * Initialize the account Client using a token
     * @return Dingtalk Client
     */
    public static function createClient(){
        $config = new Config([]);
        $config->protocol = "https";
        $config->regionId = "central";
        return new Dingtalk($config);
    }

    /**
     * @param string[] $args
     * @return void
     */
    public static function main($args){
        $client = self::createClient();
        $deletePermissionHeaders = new DeletePermissionHeaders([]);
        $deletePermissionHeaders->xAcsDingtalkAccessToken = "<your access token>";
        $members0 = new members([
            "type" => "USER",
            "id" => "01472825524039877041",
            "corpId" => "ding16b241fd05********288"
        ]);
        $deletePermissionRequest = new DeletePermissionRequest([
            "unionId" => "tXguNxxxxiE",
            "roleId" => "MANAGER",
            "members" => [
                $members0
            ]
        ]);
        try {
            $client->deletePermissionWithOptions("EpGBaxxxxgN7R35y", $deletePermissionRequest, $deletePermissionHeaders, new RuntimeOptions([]));
        }
        catch (Exception $err) {
            if (!($err instanceof TeaError)) {
                $err = new TeaError([], $err->getMessage(), $err->getCode(), $err);
            }
            if (!Utils::empty_($err->code) && !Utils::empty_($err->message)) {
                // err contains the code and message Attribute, which can help with troubleshooting
            }
        }
    }
}
$path = __DIR__ . \DIRECTORY_SEPARATOR . '..' . \DIRECTORY_SEPARATOR . 'vendor' . \DIRECTORY_SEPARATOR . 'autoload.php';
if (file_exists($path)) {
    require_once $path;
}
Sample::main(array_slice($argv, 1));
Go 
package main

import (
  "encoding/json"
  "strings"
  "fmt"
  "os"
  util  "github.com/alibabacloud-go/tea-utils/v2/service"
  dingtalkstorage_2_0  "github.com/alibabacloud-go/dingtalk/storage_2_0"
  openapi  "github.com/alibabacloud-go/darabonba-openapi/v2/client"
  "github.com/alibabacloud-go/tea/tea"
)

// Description:
// 
// Initialize the account Client using a token
// 
// @return Client
// 
// @throws Exception
func CreateClient () (_result *dingtalkstorage_2_0.Client, _err error) {
  config := &openapi.Config{}
  config.Protocol = tea.String("https")
  config.RegionId = tea.String("central")
  _result = &dingtalkstorage_2_0.Client{}
  _result, _err = dingtalkstorage_2_0.NewClient(config)
  return _result, _err
}

func _main (args []*string) (_err error) {
  client, _err := CreateClient()
  if _err != nil {
    return _err
  }

  deletePermissionHeaders := &dingtalkstorage_2_0.DeletePermissionHeaders{}
  deletePermissionHeaders.XAcsDingtalkAccessToken = tea.String("<your access token>")
  members0 := &dingtalkstorage_2_0.DeletePermissionRequestMembers{
    Type: tea.String("USER"),
    Id: tea.String("01472825524039877041"),
    CorpId: tea.String("ding16b241fd05********288"),
  }
  deletePermissionRequest := &dingtalkstorage_2_0.DeletePermissionRequest{
    UnionId: tea.String("tXguNxxxxiE"),
    RoleId: tea.String("MANAGER"),
    Members: []*dingtalkstorage_2_0.DeletePermissionRequestMembers{members0},
  }
  tryErr := func()(_e error) {
    defer func() {
      if r := tea.Recover(recover()); r != nil {
        _e = r
      }
    }()
    _, _err = client.DeletePermissionWithOptions(tea.String("EpGBaxxxxgN7R35y"), deletePermissionRequest, deletePermissionHeaders, &util.RuntimeOptions{})
    if _err != nil {
      return _err
    }

    return nil
  }()

  if tryErr != nil {
    var err = &tea.SDKError{}
    if _t, ok := tryErr.(*tea.SDKError); ok {
      err = _t
    } else {
      err.Message = tea.String(tryErr.Error())
    }
    if !tea.BoolValue(util.Empty(err.Code)) && !tea.BoolValue(util.Empty(err.Message)) {
      // err contains the code and message Attribute, which can help with troubleshooting
    }

  }
  return _err
}

func main() {
  err := _main(tea.StringSlice(os.Args[1:]))
  if err != nil {
    panic(err)
  }
}
Node.js 
'use strict';
// This file is auto-generated, don't edit it
const Util = require('@alicloud/tea-util');
const dingtalkstorage_2_0 = require('@alicloud/dingtalk/storage_2_0');
const OpenApi = require('@alicloud/openapi-client');
const Tea = require('@alicloud/tea-typescript');

class Client {

  /**
   * Initialize the account Client using a token
   * @return Client
   * @throws Exception
   */
  static createClient() {
    let config = new OpenApi.Config({ });
    config.protocol = 'https';
    config.regionId = 'central';
    return new dingtalkstorage_2_0.default(config);
  }

  static async main(args) {
    let client = Client.createClient();
    let deletePermissionHeaders = new dingtalkstorage_2_0.DeletePermissionHeaders({ });
    deletePermissionHeaders.xAcsDingtalkAccessToken = '<your access token>';
    let members0 = new dingtalkstorage_2_0.DeletePermissionRequestMembers({
      type: 'USER',
      id: '01472825524039877041',
      corpId: 'ding16b241fd05********288',
    });
    let deletePermissionRequest = new dingtalkstorage_2_0.DeletePermissionRequest({
      unionId: 'tXguNxxxxiE',
      roleId: 'MANAGER',
      members: [
        members0
      ],
    });
    try {
      await client.deletePermissionWithOptions('EpGBaxxxxgN7R35y', deletePermissionRequest, deletePermissionHeaders, new Util.RuntimeOptions({ }));
    } catch (err) {
      if (!Util.default.empty(err.code) && !Util.default.empty(err.message)) {
        // err contains the code and message Attribute, which can help with troubleshooting
      }

    }    
  }

}

exports.Client = Client;
Client.main(process.argv.slice(2));
C# 
using Newtonsoft.Json;
using System;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;

using Tea;
using Tea.Utils;

namespace AlibabaCloud.SDK.Sample
{
    public class Sample 
    {

        /// <term><b>Description:</b></term>
        /// <description>
        /// <para>Initialize the account Client using a token</para>
        /// </description>
        /// 
        /// <returns>
        /// Client
        /// </returns>
        /// 
        /// <term><b>Exception:</b></term>
        /// Exception
        public static AlibabaCloud.SDK.Dingtalkstorage_2_0.Client CreateClient()
        {
            AlibabaCloud.OpenApiClient.Models.Config config = new AlibabaCloud.OpenApiClient.Models.Config();
            config.Protocol = "https";
            config.RegionId = "central";
            return new AlibabaCloud.SDK.Dingtalkstorage_2_0.Client(config);
        }

        public static void Main(string[] args)
        {
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Client client = CreateClient();
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionHeaders deletePermissionHeaders = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionHeaders();
            deletePermissionHeaders.XAcsDingtalkAccessToken = "<your access token>";
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionRequest.DeletePermissionRequestMembers members0 = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionRequest.DeletePermissionRequestMembers
            {
                Type = "USER",
                Id = "01472825524039877041",
                CorpId = "ding16b241fd05********288",
            };
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionRequest deletePermissionRequest = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionRequest
            {
                UnionId = "tXguNxxxxiE",
                RoleId = "MANAGER",
                Members = new List<AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.DeletePermissionRequest.DeletePermissionRequestMembers>
                {
                    members0
                },
            };
            try
            {
                client.DeletePermissionWithOptions("EpGBaxxxxgN7R35y", deletePermissionRequest, deletePermissionHeaders, new AlibabaCloud.TeaUtil.Models.RuntimeOptions());
            }
            catch (TeaException err)
            {
                if (!AlibabaCloud.TeaUtil.Common.Empty(err.Code) && !AlibabaCloud.TeaUtil.Common.Empty(err.Message))
                {
                    // err contains the code and message Attribute, which can help with troubleshooting
                }
            }
            catch (Exception _err)
            {
                TeaException err = new TeaException(new Dictionary<string, object>
                {
                    { "message", _err.Message }
                });
                if (!AlibabaCloud.TeaUtil.Common.Empty(err.Code) && !AlibabaCloud.TeaUtil.Common.Empty(err.Message))
                {
                    // err contains the code and message Attribute, which can help with troubleshooting
                }
            }
        }

    }
}

Response

Response body

NameTypeDescription
successBooleanWhether the operation succeeded.

Response body example

HTTP/1.1 200 OK
Content-Type:application/json

{
  "success" : true
}

Error codes

If an error is returned when you call this API, refer to the Global error codes documentation for solutions.
HttpCodeError codeError messageDescription
400paramError%sParameter error
400paramError.dentryUuid%sParameter error - dentryUuid
400paramError.roleId%sParameter error - roleId
400paramError.permissionMemberType%sParameter error - permissionMemberType
403permissionDenied%sThe user lacks the required permission.
404spaceNotExist%sThe space does not exist.
404dentryNotExist%sThe file does not exist.
500systemError%sSystem error
500unknownErrorUnknown ErrorUnknown error
503operationTimeout%sRequest timeout