Contents
Changelog
November 10, 2020
POST /deals
and PUT /deals/{id}
endpointsAnnounced: October 13, 2020
November 10, 2020
Breaking change in POST /deals
and PUT /deals/{id}
endpoints
POST /deals
and PUT /deals/{id}
endpointsEndpoints directly affected:
What will change?
In Pipedrive, admin users can set visibility groups and permission sets. Visibility groups are used to categorize users and dictate what entity they will be allowed to see. Permission sets dictate what actions the users in the account are able to perform. To see and set the visibility group of the entity through the API we have the visible_to
parameter.
If one tries to set the wrong visible_to
value when requesting POST /organizations
, PUT /organizations/{id}
, POST /persons
or PUT /persons/{id}
endpoints, they will get the 403
response code. We’re adding that same additional validation to POST /deals
and PUT /deals/{id}
endpoints.
Why?
POST /deals
and PUT /deals/{id}
endpoints don't currently return an error if an incorrect value is given to visible_to
parameter, instead the request is shown to be successful and it will ignore the data sent by the user.
Who is affected?
This change affects only non-admin type of users who belong to a permission set where the permission Can change visibility of items is turned off.
Published on October 13, 2020