Parameter Filters

You can use parameter filters to control which specific values are permitted when calling ARDI functions.

To specify a parameter filter, use the property name param_, plus the name of the parameter you want to filter. This should contain a regular expression used to match against the value sent by the user.

For example, let's say you want to open a URL so that an automated system can write a status to ARDI. This system is very simple and can't go through the normal ARDI API authentication flow. 

{
   "paths": {
	"api/asset/set": "specialwriter"
   },
   "groups": {
       "specialwriter": [[{
	    "type": "open"
	  }]],
          [{
	    "type": "whitelist",
	    "list": ["127.0.0.1","localhost"],
	    "param_property": "28",
	    "elevate": "editor"
	  }],
    }
}

This security rule does two things.

1) It allows normal access (the 'open' option) to any user who could normally access it, and
2) For local traffic, it allows write access to the endpoint, but only if the 'property' parameter is 28.

Regular Expressions

You can use regular expressions to allow specific formats or multiple different values to be allowed.

You can also combine multiple filters. 

{
   "paths": {
	"api/asset/set": "specialwriter"
   },
   "groups": {
       "specialwriter": [[{
	    "type": "open"
	  }]],
          [{
	    "type": "whitelist",
	    "list": ["127.0.0.1","localhost"],
	    "param_property": "(28|35)",
            "param_id": "(115|116)",
	    "elevate": "editor"
	  }],
    }
}

In the example above, the local machine can write to property 28 or 35, but only on asset 115 or 116.

ARDI Admin Guide

SYSTEM

DATABASES/SITES

USERS

ADMINISTRATION

ASSET BASICS

PROPERTIES

RELATIONSHIPS

SPECIAL RELATIONSHIPS

ASSET DETAILS

ENVIRONMENTS & 3D TOPICS

ASSETS & 3D

IMPORT/EXPORT

FEATURES

REPORTS

HOWTOS

ADVANCED

—-

Other Documentation