Skip to main content
Call this API to update the file permissions of a permission user based on information such as the specified ID (file uuid, Knowledge Base rootNodeId, or Knowledge Base node nodeId), the operator’s unionId, and the permission role ID.

Request

Basic information

FieldValue
HTTP URLhttps://api.dingtalk.io/v2.0/storage/spaces/dentries/{dentryUuid}/permissions
HTTP MethodPUT
Supported app typeappType-Internal app
Permission requirementpermission-Storage.Permission.Write-Write permission for organization storage authorization information

Request header

NameTypeRequiredDescription
x-acs-dingtalk-access-tokenStringYesThe access credential used to call this API. Call the Get the access token of an internal app API to obtain it.

Path parameter

NameTypeRequiredDescription
dentryUuidStringYesThe file uuid. Call the File Search API or the Get dentryUuid information API to obtain the dentryUuid field from the response parameters.

Query parameter

NameTypeRequiredDescription
unionIdStringYesThe user unionId. Call the Query user details API to obtain it.

Request body

NameTypeRequiredDescription
roleIdStringYesThe role ID. Enum values: - OWNER: Owner, with the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - PermissionPrivilegeEnum.DELETE - PermissionPrivilegeEnum.MODIFY - PermissionPrivilegeEnum.COPY - PermissionPrivilegeEnum.RENAME - PermissionPrivilegeEnum.READ_PERMISSION - PermissionPrivilegeEnum.WRITE_PERMISSION - PermissionPrivilegeEnum.ASSIGN - MANAGER: Manager, with the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - PermissionPrivilegeEnum.DELETE - PermissionPrivilegeEnum.MODIFY - PermissionPrivilegeEnum.COPY - PermissionPrivilegeEnum.RENAME - PermissionPrivilegeEnum.READ_PERMISSION - PermissionPrivilegeEnum.WRITE_PERMISSION - EDITOR: Editor, with the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.WRITE - PermissionPrivilegeEnum.DOWNLOAD - PermissionPrivilegeEnum.ADD - DOWNLOADER: Viewer and downloader, with the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW - PermissionPrivilegeEnum.READ - PermissionPrivilegeEnum.DOWNLOAD - READER: View-only, with the following permission scopes: - PermissionPrivilegeEnum.INFO - PermissionPrivilegeEnum.LIST - PermissionPrivilegeEnum.PREVIEW
membersArrayYesThe list of permission users. The maximum size is 30.
typeStringYesThe permission user type. Enum values: - ORG: Organization - DEPT: Department - TAG: Custom tag - CONVERSATION: Chat - USER: User
idStringYesThe permission user ID: - When type=ORG, id is the organization ID. - When type=DEPT, id is the department ID. - When type=TAG, id is the tag ID. - When type=CONVERSATION, id is the chat ID. - When type=USER, id is the employee ID.
corpIdStringNoThe organization to which the permission belongs. - If an organization ID is provided, the permission is automatically cleared when the corresponding member leaves the organization. - When memberType is dept, an organization ID is required.
optionObjectNoOptional parameters.
durationLongNoThe validity period, in seconds. - Currently, only Spaces whose OwnerType is APP support temporary permissions. - The maximum value is 3600.

Request example

HTTP 
PUT /v2.0/storage/spaces/dentries/EpGBxxxx7R35y/permissions?unionId=tXguNxxxxURAiEiE HTTP/1.1
Host:api.dingtalk.io
x-acs-dingtalk-access-token:access_token
Content-Type:application/json

{
  "roleId" : "MANAGER",
  "members" : [ {
    "type" : "USER",
    "id" : "01296106445126923197",
    "corpId" : "ding16b241fd05********288"
  } ],
  "option" : {
    "duration" : 3600
  }
}
Java 
package com.aliyun.sample;

import com.aliyun.tea.*;

public class Sample {

    /**
     * <b>description</b> :
     * <p>Initialize the account Client with a Token</p>
     * @return Client
     * 
     * @throws Exception
     */
    public static com.aliyun.dingtalkstorage_2_0.Client createClient() throws Exception {
        com.aliyun.teaopenapi.models.Config config = new com.aliyun.teaopenapi.models.Config();
        config.protocol = "https";
        config.regionId = "central";
        return new com.aliyun.dingtalkstorage_2_0.Client(config);
    }

    public static void main(String[] args_) throws Exception {
        
        com.aliyun.dingtalkstorage_2_0.Client client = Sample.createClient();
        com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionHeaders updatePermissionHeaders = new com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionHeaders();
        updatePermissionHeaders.xAcsDingtalkAccessToken = "<your access token>";
        com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest.UpdatePermissionRequestOption option = new com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest.UpdatePermissionRequestOption()
                .setDuration(3600L);
        com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest.UpdatePermissionRequestMembers members0 = new com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest.UpdatePermissionRequestMembers()
                .setType("USER")
                .setId("01296106445126923197")
                .setCorpId("ding16b241fd05********288");
        com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest updatePermissionRequest = new com.aliyun.dingtalkstorage_2_0.models.UpdatePermissionRequest()
                .setUnionId("tXguNxxxxURAiEiE")
                .setRoleId("MANAGER")
                .setMembers(java.util.Arrays.asList(
                    members0
                ))
                .setOption(option);
        try {
            client.updatePermissionWithOptions("EpGBxxxx7R35y", updatePermissionRequest, updatePermissionHeaders, new com.aliyun.teautil.models.RuntimeOptions());
        } catch (TeaException err) {
            if (!com.aliyun.teautil.Common.empty(err.code) && !com.aliyun.teautil.Common.empty(err.message)) {
                // err contains code and message Attributes, which can help developers locate the issue
            }

        } catch (Exception _err) {
            TeaException err = new TeaException(_err.getMessage(), _err);
            if (!com.aliyun.teautil.Common.empty(err.code) && !com.aliyun.teautil.Common.empty(err.message)) {
                // err contains code and message Attributes, which can help developers locate the issue
            }

        }        
    }
}
Python 
# -*- coding: utf-8 -*-
# This file is auto-generated, don't edit it. Thanks.
import os
import sys
import json

from typing import List

from alibabacloud_dingtalk.storage_2_0.client import Client as dingtalkstorage_2_0Client
from alibabacloud_tea_openapi import models as open_api_models
from alibabacloud_dingtalk.storage_2_0 import models as dingtalkstorage__2__0_models
from alibabacloud_tea_util import models as util_models
from alibabacloud_tea_util.client import Client as UtilClient

class Sample:
    def __init__(self):
        pass

    @staticmethod
    def create_client() -> dingtalkstorage_2_0Client:
        """
        Initialize the account Client with a Token
        @return: Client
        @throws Exception
        """
        config = open_api_models.Config()
        config.protocol = 'https'
        config.region_id = 'central'
        return dingtalkstorage_2_0Client(config)

    @staticmethod
    def main(
        args: List[str],
    ) -> None:
        client = Sample.create_client()
        update_permission_headers = dingtalkstorage__2__0_models.UpdatePermissionHeaders()
        update_permission_headers.x_acs_dingtalk_access_token = '<your access token>'
        option = dingtalkstorage__2__0_models.UpdatePermissionRequestOption(
            duration=3600
        )
        members_0 = dingtalkstorage__2__0_models.UpdatePermissionRequestMembers(
            type='USER',
            id='01296106445126923197',
            corp_id='ding16b241fd05********288'
        )
        update_permission_request = dingtalkstorage__2__0_models.UpdatePermissionRequest(
            union_id='tXguNxxxxURAiEiE',
            role_id='MANAGER',
            members=[
                members_0
            ],
            option=option
        )
        try:
            client.update_permission_with_options('EpGBxxxx7R35y', update_permission_request, update_permission_headers, util_models.RuntimeOptions())
        except Exception as err:
            if not UtilClient.empty(err.code) and not UtilClient.empty(err.message):
                # err contains code and message Attributes, which can help developers locate the issue
                pass

    @staticmethod
    async def main_async(
        args: List[str],
    ) -> None:
        client = Sample.create_client()
        update_permission_headers = dingtalkstorage__2__0_models.UpdatePermissionHeaders()
        update_permission_headers.x_acs_dingtalk_access_token = '<your access token>'
        option = dingtalkstorage__2__0_models.UpdatePermissionRequestOption(
            duration=3600
        )
        members_0 = dingtalkstorage__2__0_models.UpdatePermissionRequestMembers(
            type='USER',
            id='01296106445126923197',
            corp_id='ding16b241fd05********288'
        )
        update_permission_request = dingtalkstorage__2__0_models.UpdatePermissionRequest(
            union_id='tXguNxxxxURAiEiE',
            role_id='MANAGER',
            members=[
                members_0
            ],
            option=option
        )
        try:
            await client.update_permission_with_options_async('EpGBxxxx7R35y', update_permission_request, update_permission_headers, util_models.RuntimeOptions())
        except Exception as err:
            if not UtilClient.empty(err.code) and not UtilClient.empty(err.message):
                # err contains code and message Attributes, which can help developers locate the issue
                pass

if __name__ == '__main__':
    Sample.main(sys.argv[1:])
PHP 
<?php

// This file is auto-generated, don't edit it. Thanks.
namespace AlibabaCloud\SDK\Sample;

use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Dingtalk;
use \Exception;
use AlibabaCloud\Tea\Exception\TeaError;
use AlibabaCloud\Tea\Utils\Utils;

use Darabonba\OpenApi\Models\Config;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\UpdatePermissionHeaders;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\UpdatePermissionRequest\option;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\UpdatePermissionRequest\members;
use AlibabaCloud\SDK\Dingtalk\Vstorage_2_0\Models\UpdatePermissionRequest;
use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;

class Sample {

    /**
     * Initialize the account Client with a Token
     * @return Dingtalk Client
     */
    public static function createClient(){
        $config = new Config([]);
        $config->protocol = "https";
        $config->regionId = "central";
        return new Dingtalk($config);
    }

    /**
     * @param string[] $args
     * @return void
     */
    public static function main($args){
        $client = self::createClient();
        $updatePermissionHeaders = new UpdatePermissionHeaders([]);
        $updatePermissionHeaders->xAcsDingtalkAccessToken = "<your access token>";
        $option = new option([
            "duration" => 3600
        ]);
        $members0 = new members([
            "type" => "USER",
            "id" => "01296106445126923197",
            "corpId" => "ding16b241fd05********288"
        ]);
        $updatePermissionRequest = new UpdatePermissionRequest([
            "unionId" => "tXguNxxxxURAiEiE",
            "roleId" => "MANAGER",
            "members" => [
                $members0
            ],
            "option" => $option
        ]);
        try {
            $client->updatePermissionWithOptions("EpGBxxxx7R35y", $updatePermissionRequest, $updatePermissionHeaders, new RuntimeOptions([]));
        }
        catch (Exception $err) {
            if (!($err instanceof TeaError)) {
                $err = new TeaError([], $err->getMessage(), $err->getCode(), $err);
            }
            if (!Utils::empty_($err->code) && !Utils::empty_($err->message)) {
                // err contains code and message Attributes, which can help developers locate the issue
            }
        }
    }
}
$path = __DIR__ . \DIRECTORY_SEPARATOR . '..' . \DIRECTORY_SEPARATOR . 'vendor' . \DIRECTORY_SEPARATOR . 'autoload.php';
if (file_exists($path)) {
    require_once $path;
}
Sample::main(array_slice($argv, 1));
Go 
package main

import (
  "encoding/json"
  "strings"
  "fmt"
  "os"
  util  "github.com/alibabacloud-go/tea-utils/v2/service"
  dingtalkstorage_2_0  "github.com/alibabacloud-go/dingtalk/storage_2_0"
  openapi  "github.com/alibabacloud-go/darabonba-openapi/v2/client"
  "github.com/alibabacloud-go/tea/tea"
)

// Description:
// 
// Initialize the account Client with a Token
// 
// @return Client
// 
// @throws Exception
func CreateClient () (_result *dingtalkstorage_2_0.Client, _err error) {
  config := &openapi.Config{}
  config.Protocol = tea.String("https")
  config.RegionId = tea.String("central")
  _result = &dingtalkstorage_2_0.Client{}
  _result, _err = dingtalkstorage_2_0.NewClient(config)
  return _result, _err
}

func _main (args []*string) (_err error) {
  client, _err := CreateClient()
  if _err != nil {
    return _err
  }

  updatePermissionHeaders := &dingtalkstorage_2_0.UpdatePermissionHeaders{}
  updatePermissionHeaders.XAcsDingtalkAccessToken = tea.String("<your access token>")
  option := &dingtalkstorage_2_0.UpdatePermissionRequestOption{
    Duration: tea.Int64(3600),
  }
  members0 := &dingtalkstorage_2_0.UpdatePermissionRequestMembers{
    Type: tea.String("USER"),
    Id: tea.String("01296106445126923197"),
    CorpId: tea.String("ding16b241fd05********288"),
  }
  updatePermissionRequest := &dingtalkstorage_2_0.UpdatePermissionRequest{
    UnionId: tea.String("tXguNxxxxURAiEiE"),
    RoleId: tea.String("MANAGER"),
    Members: []*dingtalkstorage_2_0.UpdatePermissionRequestMembers{members0},
    Option: option,
  }
  tryErr := func()(_e error) {
    defer func() {
      if r := tea.Recover(recover()); r != nil {
        _e = r
      }
    }()
    _, _err = client.UpdatePermissionWithOptions(tea.String("EpGBxxxx7R35y"), updatePermissionRequest, updatePermissionHeaders, &util.RuntimeOptions{})
    if _err != nil {
      return _err
    }

    return nil
  }()

  if tryErr != nil {
    var err = &tea.SDKError{}
    if _t, ok := tryErr.(*tea.SDKError); ok {
      err = _t
    } else {
      err.Message = tea.String(tryErr.Error())
    }
    if !tea.BoolValue(util.Empty(err.Code)) && !tea.BoolValue(util.Empty(err.Message)) {
      // err contains code and message Attributes, which can help developers locate the issue
    }

  }
  return _err
}

func main() {
  err := _main(tea.StringSlice(os.Args[1:]))
  if err != nil {
    panic(err)
  }
}
Node.js 
'use strict';
// This file is auto-generated, don't edit it
const Util = require('@alicloud/tea-util');
const dingtalkstorage_2_0 = require('@alicloud/dingtalk/storage_2_0');
const OpenApi = require('@alicloud/openapi-client');
const Tea = require('@alicloud/tea-typescript');

class Client {

  /**
   * Initialize the account Client with a Token
   * @return Client
   * @throws Exception
   */
  static createClient() {
    let config = new OpenApi.Config({ });
    config.protocol = 'https';
    config.regionId = 'central';
    return new dingtalkstorage_2_0.default(config);
  }

  static async main(args) {
    let client = Client.createClient();
    let updatePermissionHeaders = new dingtalkstorage_2_0.UpdatePermissionHeaders({ });
    updatePermissionHeaders.xAcsDingtalkAccessToken = '<your access token>';
    let option = new dingtalkstorage_2_0.UpdatePermissionRequestOption({
      duration: 3600,
    });
    let members0 = new dingtalkstorage_2_0.UpdatePermissionRequestMembers({
      type: 'USER',
      id: '01296106445126923197',
      corpId: 'ding16b241fd05********288',
    });
    let updatePermissionRequest = new dingtalkstorage_2_0.UpdatePermissionRequest({
      unionId: 'tXguNxxxxURAiEiE',
      roleId: 'MANAGER',
      members: [
        members0
      ],
      option: option,
    });
    try {
      await client.updatePermissionWithOptions('EpGBxxxx7R35y', updatePermissionRequest, updatePermissionHeaders, new Util.RuntimeOptions({ }));
    } catch (err) {
      if (!Util.default.empty(err.code) && !Util.default.empty(err.message)) {
        // err contains code and message Attributes, which can help developers locate the issue
      }

    }    
  }

}

exports.Client = Client;
Client.main(process.argv.slice(2));
C# 
using Newtonsoft.Json;
using System;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Threading.Tasks;

using Tea;
using Tea.Utils;

namespace AlibabaCloud.SDK.Sample
{
    public class Sample 
    {

        /// <term><b>Description:</b></term>
        /// <description>
        /// <para>Initialize the account Client with a Token</para>
        /// </description>
        /// 
        /// <returns>
        /// Client
        /// </returns>
        /// 
        /// <term><b>Exception:</b></term>
        /// Exception
        public static AlibabaCloud.SDK.Dingtalkstorage_2_0.Client CreateClient()
        {
            AlibabaCloud.OpenApiClient.Models.Config config = new AlibabaCloud.OpenApiClient.Models.Config();
            config.Protocol = "https";
            config.RegionId = "central";
            return new AlibabaCloud.SDK.Dingtalkstorage_2_0.Client(config);
        }

        public static void Main(string[] args)
        {
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Client client = CreateClient();
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionHeaders updatePermissionHeaders = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionHeaders();
            updatePermissionHeaders.XAcsDingtalkAccessToken = "<your access token>";
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest.UpdatePermissionRequestOption option = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest.UpdatePermissionRequestOption
            {
                Duration = 3600,
            };
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest.UpdatePermissionRequestMembers members0 = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest.UpdatePermissionRequestMembers
            {
                Type = "USER",
                Id = "01296106445126923197",
                CorpId = "ding16b241fd05********288",
            };
            AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest updatePermissionRequest = new AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest
            {
                UnionId = "tXguNxxxxURAiEiE",
                RoleId = "MANAGER",
                Members = new List<AlibabaCloud.SDK.Dingtalkstorage_2_0.Models.UpdatePermissionRequest.UpdatePermissionRequestMembers>
                {
                    members0
                },
                Option = option,
            };
            try
            {
                client.UpdatePermissionWithOptions("EpGBxxxx7R35y", updatePermissionRequest, updatePermissionHeaders, new AlibabaCloud.TeaUtil.Models.RuntimeOptions());
            }
            catch (TeaException err)
            {
                if (!AlibabaCloud.TeaUtil.Common.Empty(err.Code) && !AlibabaCloud.TeaUtil.Common.Empty(err.Message))
                {
                    // err contains code and message Attributes, which can help developers locate the issue
                }
            }
            catch (Exception _err)
            {
                TeaException err = new TeaException(new Dictionary<string, object>
                {
                    { "message", _err.Message }
                });
                if (!AlibabaCloud.TeaUtil.Common.Empty(err.Code) && !AlibabaCloud.TeaUtil.Common.Empty(err.Message))
                {
                    // err contains code and message Attributes, which can help developers locate the issue
                }
            }
        }

    }
}

Response

Response body

NameTypeDescription
successBooleanWhether the operation was successful.

Response body example

HTTP/1.1 200 OK
Content-Type:application/json

{
  "success" : true
}

Error codes

If an error is returned when you call this API, refer to the Global error codes document to find a solution based on the error message.
HttpCodeError codeError messageDescription
400paramError%sParameter error
400paramError.dentryUuid%sParameter error - dentryUuid
400paramError.roleId%sParameter error - roleId
400paramError.permissionMemberType%sParameter error - permissionMemberType
403permissionDenied%sThe user lacks the required authorization.
404spaceNotExist%sThe space does not exist.
404dentryNotExist%sThe file does not exist.
500systemError%sSystem error
500unknownErrorUnknown ErrorUnknown error
503operationTimeout%sRequest timed out