Groups

Available groups in a Plone site can be created, queried, updated and deleted by interacting with the /@groups endpoint on portal root (requires an authenticated user):

List Groups

To retrieve a list of all current groups in the portal, call the /@groups endpoint with a GET request:

http

GET /plone/@groups HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0

curl

curl -i http://nohost/plone/@groups -H 'Accept: application/json' --user admin:secret

httpie

http http://nohost/plone/@groups Accept:application/json -a admin:secret

python-requests

requests.get('http://nohost/plone/@groups', headers={
    'Accept': 'application/json',
}, auth=('admin', 'secret'))

The server will respond with a list of all groups in the portal:

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "@id": "http://localhost:55001/plone/@groups/Administrators", 
    "description": "", 
    "email": "", 
    "groupname": "Administrators", 
    "id": "Administrators", 
    "roles": [
      "Manager", 
      "Authenticated"
    ], 
    "title": "Administrators"
  }, 
  {
    "@id": "http://localhost:55001/plone/@groups/Reviewers", 
    "description": "", 
    "email": "", 
    "groupname": "Reviewers", 
    "id": "Reviewers", 
    "roles": [
      "Reviewer", 
      "Authenticated"
    ], 
    "title": "Reviewers"
  }, 
  {
    "@id": "http://localhost:55001/plone/@groups/Site Administrators", 
    "description": "", 
    "email": "", 
    "groupname": "Site Administrators", 
    "id": "Site Administrators", 
    "roles": [
      "Site Administrator", 
      "Authenticated"
    ], 
    "title": "Site Administrators"
  }, 
  {
    "@id": "http://localhost:55001/plone/@groups/ploneteam", 
    "description": "We are Plone", 
    "email": "ploneteam@plone.org", 
    "groupname": "ploneteam", 
    "id": "ploneteam", 
    "roles": [
      "Authenticated"
    ], 
    "title": "Plone Team"
  }, 
  {
    "@id": "http://localhost:55001/plone/@groups/AuthenticatedUsers", 
    "description": "Automatic Group Provider", 
    "email": "", 
    "groupname": "AuthenticatedUsers", 
    "id": "AuthenticatedUsers", 
    "roles": [], 
    "title": "Authenticated Users (Virtual Group)"
  }
]

The endpoint supports some basic filtering:

http

GET /plone/@groups?query=plo HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0

curl

curl -i 'http://nohost/plone/@groups?query=plo' -H 'Accept: application/json' --user admin:secret

httpie

http 'http://nohost/plone/@groups?query=plo' Accept:application/json -a admin:secret

python-requests

requests.get('http://nohost/plone/@groups?query=plo', headers={
    'Accept': 'application/json',
}, auth=('admin', 'secret'))

The server will respond with a list the filtered groups in the portal with groupname starts with the query.

The endpoint also takes a limit parameter that defaults to a maximum of 25 groups at a time for performance reasons.

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "@id": "http://localhost:55001/plone/@groups/ploneteam", 
    "description": "We are Plone", 
    "email": "ploneteam@plone.org", 
    "groupname": "ploneteam", 
    "id": "ploneteam", 
    "roles": [
      "Authenticated"
    ], 
    "title": "Plone Team"
  }
]

Create Group

To create a new group, send a POST request to the global /@groups endpoint with a JSON representation of the group you want to create in the body:

http

POST /plone/@groups HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0
Content-Type: application/json

{
    "description": "The Plone Framework Team",
    "email": "fwt@plone.org",
    "groupname": "fwt",
    "groups": [
        "Administrators"
    ],
    "roles": [
        "Manager"
    ],
    "title": "Framework Team",
    "users": [
        "admin",
        "test_user_1_"
    ]
}

curl

curl -i -X POST http://nohost/plone/@groups -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"description": "The Plone Framework Team", "email": "fwt@plone.org", "groupname": "fwt", "groups": ["Administrators"], "roles": ["Manager"], "title": "Framework Team", "users": ["admin", "test_user_1_"]}' --user admin:secret

httpie

echo '{
  "description": "The Plone Framework Team",
  "email": "fwt@plone.org",
  "groupname": "fwt",
  "groups": [
    "Administrators"
  ],
  "roles": [
    "Manager"
  ],
  "title": "Framework Team",
  "users": [
    "admin",
    "test_user_1_"
  ]
}' | http POST http://nohost/plone/@groups Accept:application/json Content-Type:application/json -a admin:secret

python-requests

requests.post('http://nohost/plone/@groups', headers={
    'Accept': 'application/json',
    'Content-Type': 'application/json',
}, json={
    'description': 'The Plone Framework Team',
    'email': 'fwt@plone.org',
    'groupname': 'fwt',
    'groups': ['Administrators'],
    'roles': ['Manager'],
    'title': 'Framework Team',
    'users': ['admin', 'test_user_1_'],
}, auth=('admin', 'secret'))

Note

By default, “groupname” is a required field.

If the group has been created successfully, the server will respond with a status 201 (Created). The Location header contains the URL of the newly created group and the resource representation in the payload:

HTTP/1.1 201 Created
Content-Type: application/json
Location: http://localhost:55001/plone/@groups/fwt

{
  "@id": "http://localhost:55001/plone/@groups/fwt", 
  "description": "The Plone Framework Team", 
  "email": "fwt@plone.org", 
  "groupname": "fwt", 
  "id": "fwt", 
  "roles": [
    "Manager", 
    "Authenticated"
  ], 
  "title": "Framework Team", 
  "users": {
    "@id": "http://localhost:55001/plone/@groups", 
    "items": [
      "Administrators", 
      "admin", 
      "test_user_1_"
    ], 
    "items_total": 3
  }
}

Read Group

To retrieve all details for a particular group, send a GET request to the /@groups endpoint and append the group id to the URL:

http

GET /plone/@groups/ploneteam HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0

curl

curl -i http://nohost/plone/@groups/ploneteam -H 'Accept: application/json' --user admin:secret

httpie

http http://nohost/plone/@groups/ploneteam Accept:application/json -a admin:secret

python-requests

requests.get('http://nohost/plone/@groups/ploneteam', headers={
    'Accept': 'application/json',
}, auth=('admin', 'secret'))

The server will respond with a 200 OK status code and the JSON representation of the group in the body:

HTTP/1.1 200 OK
Content-Type: application/json

{
  "@id": "http://localhost:55001/plone/@groups/ploneteam", 
  "description": "We are Plone", 
  "email": "ploneteam@plone.org", 
  "groupname": "ploneteam", 
  "id": "ploneteam", 
  "roles": [
    "Authenticated"
  ], 
  "title": "Plone Team", 
  "users": {
    "@id": "http://localhost:55001/plone/@groups/ploneteam", 
    "items": [], 
    "items_total": 0
  }
}

Batching is supported for the ‘users’ object.

Update Group

To update the settings of a group, send a PATCH request with the group details you want to amend to the URL of that particular group:

http

PATCH /plone/@groups/ploneteam HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0
Content-Type: application/json

{
    "email": "ploneteam2@plone.org",
    "users": {
        "test_user_1_": false
    }
}

curl

curl -i -X PATCH http://nohost/plone/@groups/ploneteam -H 'Accept: application/json' -H 'Content-Type: application/json' --data-raw '{"email": "ploneteam2@plone.org", "users": {"test_user_1_": false}}' --user admin:secret

httpie

echo '{
  "email": "ploneteam2@plone.org",
  "users": {
    "test_user_1_": false
  }
}' | http PATCH http://nohost/plone/@groups/ploneteam Accept:application/json Content-Type:application/json -a admin:secret

python-requests

requests.patch('http://nohost/plone/@groups/ploneteam', headers={
    'Accept': 'application/json',
    'Content-Type': 'application/json',
}, json={
    'email': 'ploneteam2@plone.org',
    'users': {
        'test_user_1_': False,
    },
}, auth=('admin', 'secret'))

Note

The ‘users’ object is a mapping of a user_id and a boolean indicating adding or removing from the group.

A successful response to a PATCH request will be indicated by a 204 No Content response:

HTTP/1.1 204 No Content

Delete Group

To delete a group send a DELETE request to the /@groups endpoint and append the group id of the group you want to delete:

http

DELETE /plone/@groups/ploneteam HTTP/1.1
Accept: application/json
Authorization: Basic YWRtaW46c2VjcmV0

curl

curl -i -X DELETE http://nohost/plone/@groups/ploneteam -H 'Accept: application/json' --user admin:secret

httpie

http DELETE http://nohost/plone/@groups/ploneteam Accept:application/json -a admin:secret

python-requests

requests.delete('http://nohost/plone/@groups/ploneteam', headers={
    'Accept': 'application/json',
}, auth=('admin', 'secret'))

A successful response will be indicated by a 204 No Content response:

HTTP/1.1 204 No Content