Access and Audit Fields¶
Every DRP object embeds an Access struct that tracks whether the object is read-only and maintains an audit trail of who created and last modified it. These fields are all read-only from the API perspective and are managed automatically by the server.
The ReadOnly flag is set to true when an object originates from a content layer other than the writable working layer. Objects delivered by content packs or plugins cannot be directly modified through the API. This ensures that curated content remains intact and that local customizations are kept separate from upstream-provided definitions. Attempting to modify a read-only object via the API will result in an error.
The audit trail fields (CreatedBy, CreatedAt, LastModifiedBy, LastModifiedAt) record when objects are created and changed, and which user performed the action. These fields are only populated when the action is performed by an authenticated user. Operations performed using machine tokens (such as those used by the runner during job execution) do not populate the CreatedBy or LastModifiedBy fields. This distinction allows administrators to differentiate between human-initiated changes and automated system activity.
| Field | Type | Description |
|---|---|---|
ReadOnly |
bool | Whether the object comes from a read-only content layer and cannot be directly modified. |
CreatedBy |
string | The user who created the object. Only set when the object was created by an authenticated user, not a machine token. |
CreatedAt |
timestamp | The time that the object was created. |
LastModifiedBy |
string | The user who last modified the object. Only populated for modifications made by an authenticated user. |
LastModifiedAt |
timestamp | The time that the object was last modified. |