Appearance
Server Webhooks
User Permissions API
To efficiently manage access to email template and its different parts in the editor, Stripo has implemented a webhook designed to externally retrieve permissions for a specific user to interact with the email template. To process requests from Stripo, you will need to implement an API according to this specification.
OpenAPI Specification
Reference
yaml
openapi: 3.0.3
info:
title: Stripo User Permissions API
description: |
To efficiently manage access to email template and its different parts in the editor, Stripo has implemented a webhook designed to externally retrieve [permissions](permissions-and-access-management) for a specific user to interact with the email template. To process requests from Stripo, you will need to implement an API according to this specification.
servers:
- url: https://{YOUR_USER_PERMISSIONS_CHECKER_URL}
paths:
/:
get:
tags:
- Methods
summary: Get user permissions for email
operationId: getUserPermissionsForEmail
description: Retrieves the set of permissions granted to a specific user for a particular email. The editor sends a request to this endpoint with the metadata in the header and expects to receive the granted permissions. This method ensures users have appropriate access and capabilities when working with emails within the Stripo platform, enhancing security and role-based management.
parameters:
- in: header
name: ES-PLUGIN-UI-DATA
required: true
schema:
type: string
description: >-
Content of metadata param that was passed during editor
initialization
- in: header
name: Cookies
required: true
schema:
type: string
description: Browser cookies
responses:
'200':
description: User permissions for email
content:
application/json:
schema:
$ref: '#/components/schemas/UserPermissions'
security:
- basicAuth: []
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
UserPermissions:
type: object
properties:
codeEditor:
type: object
$ref: '#/components/schemas/UserPermissionValue'
appearance:
type: object
$ref: '#/components/schemas/UserPermissionValue'
content:
type: object
$ref: '#/components/schemas/UserContentPermissionValue'
modules:
type: object
$ref: '#/components/schemas/UserPermissionValue'
versionHistory:
type: object
$ref: '#/components/schemas/UserPermissionValue'
UserPermissionValue:
type: object
properties:
read:
type: boolean
description: Is allowed to read
example: true
write:
type: boolean
description: Is allowed to write/manage
example: false
UserContentPermissionValue:
type: object
properties:
read:
type: boolean
description: Is allowed to read
example: true
write:
type: boolean
description: Is allowed to write/manage
example: false
textOnly:
type: boolean
description: Is allowed to edit only text
example: falseEmail Resources Permissions API
The Email Resources Permissions API ensures that only authorized users have the rights to edit email resources such as modules and images in your application. This feature helps prevent unauthorized access and ensures that the Stripo Plugin performs server-side operations only with your permission. To enable this feature, you need to implement the following backend endpoint on your server.
OpenAPI Specification
Reference
yaml
openapi: 3.0.3
info:
title: Stripo User Resources Permissions API
description: The Email Resources Permissions API ensures that only authorized users have the rights to edit email resources such as modules and images in your application. This feature helps prevent unauthorized access and ensures that the Stripo Plugin performs server-side operations only with your permission. To enable this feature, you need to implement the following backend endpoint on your server.
servers:
- url: https://{YOUR_RESOURCE_PERMISSIONS_CHECKER_URL}
paths:
/:
post:
tags:
- Methods
summary: Check and grant permissions
description: Verifies and assigns necessary permissions to a user for accessing specific features or content within the Stripo platform. The editor sends a request to the customer's endpoint with the information from the metadata and expects to receive a set of granted permissions in response. This method ensures that users have the appropriate access levels required to work inside the editor, enhancing security and effective role-based management.
security:
- basicAuth: []
requestBody:
required: true
content:
application/json:
schema:
$ref: '#/components/schemas/ResourcePermissionsRequest'
responses:
'200':
description: Resources permissions
content:
application/json:
schema:
$ref: '#/components/schemas/ResourcePermissionsResponse'
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
ResourcePermissionsRequest:
type: object
properties:
pluginId:
type: string
description: ID of the plugin requesting permissions
example: YOUR_PLUGIN_ID
uiData:
type: object
description: The value of 'metadata' field from editor initialization parameters
additionalProperties:
type: string
requestPermissions:
type: array
description: Array of permissions that plugin requests
items:
$ref: '#/components/schemas/ResourcePermission'
required:
- pluginId
- uiData
- requestPermissions
ResourcePermission:
type: object
properties:
type:
type: string
description: Operation subject. Supported values - BLOCKS, DOCS
example: BLOCKS
action:
type: string
description: Operation type. Supported values - READ, MODIFY
example: READ
key:
type: string
description: >-
Key identifier that was configured in plugin settings with filled
values
example: pluginId_YOUR_PLUGIN_ID_emailId_123_id_456
keyTemplate:
type: string
description: Key identifier that was configured in plugin settings
example: emailId_${emailId}_id_${someAnotherIdentifier}
ResourcePermissionsResponse:
type: object
properties:
grantPermissions:
type: array
items:
$ref: '#/components/schemas/ResourcePermission'Email Change Notification API
The Email Change Notification API allows you to receive information about the time and author of each autosave for security and atomic integrity purposes during simultaneous editing. This webhook needs to be specified in the plugin settings to function correctly.
To ensure that the webhook functions correctly, you need to specify an endpoint in the plugin settings that meets the following specifications.
OpenAPI Specification
Reference
yaml
openapi: 3.0.1
info:
title: Stripo Notification API
description: |
The Email Change Notification API allows you to receive information about the time and author of each autosave for security and atomic integrity purposes during simultaneous editing. This webhook needs to be specified in the plugin settings to function correctly.
To ensure that the webhook functions correctly, you need to specify an endpoint in the plugin settings that meets the following specifications.
servers:
- url: https://{YOUR_EMAIL_CHANGE_NOTIFICATION_URL}
paths:
/:
post:
tags:
- Methods
summary: Notification on email changes
description: Provides details about the time and author of each autosave, ensuring security and atomic integrity during simultaneous editing.
operationId: handleEmailChanged
security:
- basicAuth: []
requestBody:
content:
application/json:
schema:
$ref: '#/components/schemas/SaveRequest'
required: true
responses:
'200':
description: Successful response
content:
application/json:
schema:
type: object
nullable: true
components:
securitySchemes:
basicAuth:
type: http
scheme: basic
schemas:
SaveRequest:
type: object
required:
- emailId
- userId
- updatedTime
properties:
emailId:
type: string
userId:
type: string
dateTime:
type: integer
format: int64