> Portal Navigation: > > - Append `.md` to any URL under `https://dev.wix.com/docs/` to get its markdown version. > - Pages are either content pages (article or reference text) or menu pages (a list of links to child pages). > - To get a menu page, truncate any URL to a parent path and append `.md` (e.g. `https://dev.wix.com/docs/sdk.md`, `https://dev.wix.com/docs/sdk/core-modules.md`). > - Top-level index of all portals: https://dev.wix.com/docs/llms.txt > - Full concatenated docs: https://dev.wix.com/docs/llms-full.txt # AddSpecialPermissions # Package: collectionManagement # Namespace: DataPermissionsService # Method link: https://dev.wix.com/docs/api-reference/business-solutions/cms/collection-management/data-permissions/add-special-permissions.md ## Permission Scopes: Manage Data Collections: SCOPE.DC-DATA.DATA-COLLECTIONS-MANAGE ## Introduction Adds special permissions to a specific user or role for the specified data collection. Special permissions allow specific users or roles to perform actions that [collection-level permissions](https://dev.wix.com/docs/api-reference/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) restrict. --- ## REST API ### Schema ``` Method: addSpecialPermissions Description: Adds special permissions to a specific user or role for the specified data collection. Special permissions allow specific users or roles to perform actions that [collection-level permissions](https://dev.wix.com/docs/api-reference/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) restrict. URL: https://www.wixapis.com/wix-data/v1/permissions/special Method: POST # Note: If the parameter `a.b` is listed under required parameters, `b` is only required if `a` is also present. Required parameters: dataCollectionId, specialPermissions Method parameters: param name: dataCollectionId | type: dataCollectionId | description: GUID of the collection for which to grant special permissions. | required: true param name: specialPermissions | type: SpecialPermissions | required: true - ONE-OF: - required: true - name: userId | type: string | description: GUID of the user for these special permissions. - name: policyId | type: string | description: GUID of the [role](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#user-roles) for these special permissions. To find the GUID of a role, call [Get Roles Info](https://dev.wix.com/docs/rest/account-level/user-management/accounts/users/get-roles-info.md). Roles and their GUIDs are found in the `predefinedRoles` or the `customRoles` arrays in the method response. Learn more about [roles and permissions for site management](https://support.wix.com/en/article/roles-permissions-overview#roles-and-permissions). - name: itemRead | type: Access | description: Whether the specified users or roles can read items from the collection. When set to `ALLOWED`, users can read items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - enum: - UNSPECIFIED: No special permissions. [Collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply to this action. - ALLOWED: User or role has special permissions to perform this action, overriding [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions). - name: itemInsert | type: Access | description: Whether the specified users or roles can create new items in the collection. When set to `ALLOWED`, users can create new items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemUpdate | type: Access | description: Whether the specified users or roles can update existing items in the collection. When set to `ALLOWED`, users can update existing items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemRemove | type: Access | description: Whether the specified users or roles can remove items from the collection. When set to `ALLOWED`, users can remove items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). Return type: AddSpecialPermissionsResponse - name: specialPermissions | type: SpecialPermissions | description: Special permissions granted to the user or role for the specified collection. - ONE-OF: - name: userId | type: string | description: GUID of the user for these special permissions. - name: policyId | type: string | description: GUID of the [role](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#user-roles) for these special permissions. To find the GUID of a role, call [Get Roles Info](https://dev.wix.com/docs/rest/account-level/user-management/accounts/users/get-roles-info.md). Roles and their GUIDs are found in the `predefinedRoles` or the `customRoles` arrays in the method response. Learn more about [roles and permissions for site management](https://support.wix.com/en/article/roles-permissions-overview#roles-and-permissions). - name: id | type: string | description: GUID of the special permissions set. - name: itemRead | type: Access | description: Whether the specified users or roles can read items from the collection. When set to `ALLOWED`, users can read items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - enum: - UNSPECIFIED: No special permissions. [Collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply to this action. - ALLOWED: User or role has special permissions to perform this action, overriding [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions). - name: itemInsert | type: Access | description: Whether the specified users or roles can create new items in the collection. When set to `ALLOWED`, users can create new items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemUpdate | type: Access | description: Whether the specified users or roles can update existing items in the collection. When set to `ALLOWED`, users can update existing items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemRemove | type: Access | description: Whether the specified users or roles can remove items from the collection. When set to `ALLOWED`, users can remove items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). Possible Errors: HTTP Code: 409 | Status Code: ALREADY_EXISTS | Application Code: ALREADY_EXISTS | Description: Returned when the special permissions already exist for the specified user or role. ``` ### Examples ### Add special permissions for a role ```curl curl -X POST 'https://www.wixapis.com/wix-data/v1/permissions/special' \ -H 'Content-Type: application/json' \ -H 'Authorization: ' \ -d '{ "dataCollectionId": "my-first-collection", "specialPermissions": { "policyId": "7046409866117489206", "itemRead": "ALLOWED", "itemInsert": "ALLOWED", "itemUpdate": "UNSPECIFIED", "itemRemove": "UNSPECIFIED" } }' ``` --- ## JavaScript SDK ### Schema ``` Method: wixClientAdmin.collectionManagement.DataPermissionsService.addSpecialPermissions(dataCollectionId, specialPermissions) Description: Adds special permissions to a specific user or role for the specified data collection. Special permissions allow specific users or roles to perform actions that [collection-level permissions](https://dev.wix.com/docs/api-reference/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) restrict. # Note: If the parameter `a.b` is listed under required parameters, `b` is only required if `a` is also present. Required parameters: dataCollectionId, specialPermissions Method parameters: param name: dataCollectionId | type: string | description: GUID of the collection for which to grant special permissions. | required: true param name: specialPermissions | type: SpecialPermissions | required: true - ONE-OF: - required: true - name: userId | type: string | description: GUID of the user for these special permissions. - name: policyId | type: string | description: GUID of the [role](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#user-roles) for these special permissions. To find the GUID of a role, call [Get Roles Info](https://dev.wix.com/docs/rest/account-level/user-management/accounts/users/get-roles-info.md). Roles and their GUIDs are found in the `predefinedRoles` or the `customRoles` arrays in the method response. Learn more about [roles and permissions for site management](https://support.wix.com/en/article/roles-permissions-overview#roles-and-permissions). - name: itemRead | type: Access | description: Whether the specified users or roles can read items from the collection. When set to `ALLOWED`, users can read items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - enum: - UNSPECIFIED: No special permissions. [Collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply to this action. - ALLOWED: User or role has special permissions to perform this action, overriding [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions). - name: itemInsert | type: Access | description: Whether the specified users or roles can create new items in the collection. When set to `ALLOWED`, users can create new items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemUpdate | type: Access | description: Whether the specified users or roles can update existing items in the collection. When set to `ALLOWED`, users can update existing items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemRemove | type: Access | description: Whether the specified users or roles can remove items from the collection. When set to `ALLOWED`, users can remove items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). Return type: PROMISE - name: specialPermissions | type: SpecialPermissions | description: Special permissions granted to the user or role for the specified collection. - ONE-OF: - required: true - name: userId | type: string | description: GUID of the user for these special permissions. - name: policyId | type: string | description: GUID of the [role](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#user-roles) for these special permissions. To find the GUID of a role, call [Get Roles Info](https://dev.wix.com/docs/rest/account-level/user-management/accounts/users/get-roles-info.md). Roles and their GUIDs are found in the `predefinedRoles` or the `customRoles` arrays in the method response. Learn more about [roles and permissions for site management](https://support.wix.com/en/article/roles-permissions-overview#roles-and-permissions). - name: _id | type: string | description: GUID of the special permissions set. - name: itemRead | type: Access | description: Whether the specified users or roles can read items from the collection. When set to `ALLOWED`, users can read items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - enum: - UNSPECIFIED: No special permissions. [Collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply to this action. - ALLOWED: User or role has special permissions to perform this action, overriding [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions). - name: itemInsert | type: Access | description: Whether the specified users or roles can create new items in the collection. When set to `ALLOWED`, users can create new items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemUpdate | type: Access | description: Whether the specified users or roles can update existing items in the collection. When set to `ALLOWED`, users can update existing items in the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). - name: itemRemove | type: Access | description: Whether the specified users or roles can remove items from the collection. When set to `ALLOWED`, users can remove items from the collection. When set to `UNSPECIFIED`, [collection-level permissions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#collection-level-permissions) apply. Learn more about [item actions](https://dev.wix.com/docs/rest/business-solutions/cms/data-permissions/introduction.md#item-actions). Possible Errors: HTTP Code: 409 | Status Code: ALREADY_EXISTS | Application Code: ALREADY_EXISTS | Description: Returned when the special permissions already exist for the specified user or role. ``` ### Examples ### addSpecialPermissions ```javascript import { permissions } from '@wix/data'; async function addSpecialPermissions(dataCollectionId,specialPermissions) { const response = await permissions.addSpecialPermissions(dataCollectionId,specialPermissions); }; ``` ### addSpecialPermissions (with elevated permissions) ```javascript import { permissions } from '@wix/data'; import { auth } from '@wix/essentials'; async function myAddSpecialPermissionsMethod(dataCollectionId,specialPermissions) { const elevatedAddSpecialPermissions = auth.elevate(permissions.addSpecialPermissions); const response = await elevatedAddSpecialPermissions(dataCollectionId,specialPermissions); } ``` ### addSpecialPermissions (self-hosted) Self-hosted SDK calls require you to [create a client](https://dev.wix.com/docs/sdk/articles/work-with-the-sdk/about-the-wix-client.md). ```javascript import { createClient } from '@wix/sdk'; import { permissions } from '@wix/data'; // Import the auth strategy for the relevant access type // Import the relevant host module if needed const myWixClient = createClient ({ modules: { permissions }, // Include the auth strategy and host as relevant }); async function addSpecialPermissions(dataCollectionId,specialPermissions) { const response = await myWixClient.permissions.addSpecialPermissions(dataCollectionId,specialPermissions); }; ``` ---