Addition of 'Content Management User' permission check for API endpoints under /api/v2/contentmanagement/documents

Description

In order to maintain platform security, users who do not have the General: Content Management User’permission will not be allowed to perform CRUD operations in the Content Management APIs.

Change Category

API

Change Context

Only a user with General: Content Management User permission can perform the following in their personal workspace:

Change Impact

This change only impacts customers who have explicitly unassigned the General: Content Management User permission from the default employee role AND who utilize a 3rd party API client to access the Genesys Cloud public APIs.

All potentially impacted customers have been contacted, but please ensure that your users have the necessary General: Content Management User permission (content_management_user) assigned to at least one user role.

Date of Change

Immediate.

Impacted APIs

POST /api/v2/contentmanagement/documents
GET /api/v2/contentmanagement/documents
DELETE /api/v2/contentmanagement/documents/{documentId}
GET /api/v2/contentmanagement/documents/{documentId}
POST /api/v2/contentmanagement/documents/{documentId}
GET /api/v2/contentmanagement/documents/{documentId}/content
POST /api/v2/contentmanagement/documents/{documentId}/content

References

[PENTEST-336]
[CM-5694]