Use this object to manage user groups.
|
Method |
Description |
|
Add a group to the grid controller's local directory service database. The new group is created without any members. |
|
|
Destroy a group. |
|
|
List groups in the grid controller's local directory service database and groups in the global directory service database (if the grid is configured to use such a service). |
|
|
Show group information. The information displayed includes: group name, ID, scope, description, and principal group members. |
|
|
Show group information. The information displayed includes: group name, ID, scope, description, and principal group members. |
|
|
Replace a local group's description and entire membership. |
|
|
Replace a local group's description or membership. |
|
|
Retrieve the new object ACL definition associated to a group |
|
|
Replace the entire new object ACL definition associated to a group |
|
|
Replace portion of a new object ACL definition associated to a group |
Add a group to the grid controller's local directory service database. The new group is created without any members.
/api/v2/group/create?group=group&vdc=controller-name
Name of the local group to create
Name of the target virtual data center
synchronous
GET
Create a local group named mygroup
GET http://192.168.123.200/api/v2/group/create?group=mygroup&vdc=mygrid
{
"message" : "Creating group mygroup...\n"
}
<message>Creating group mygroup... </message>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (app).
- Argument group=group missing.
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Destroy a group.
/api/v2/group/destroy?group=group&vdc=controller-name
Name of the local group to destroy
Name of the target virtual data center
synchronous
GET
Destroy a local group named mygroup
GET http://192.168.123.200/api/v2/group/destroy?group=mygroup&vdc=mygrid
{
"message" : "Destroying group mygroup...\n"
}
<message>Destroying group mygroup... </message>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (app).
- Argument group=group missing.
Note: This API is available with WS_API_r6-1.0.6-1 and above.
List groups in the grid controller's local directory service database and groups in the global directory service database (if the grid is configured to use such a service).
/api/v2/group/list?vdc=controller-name
Name of the target virtual data center
synchronous
GET
GET http://192.168.123.200/api/v2/group/list?vdc=mygrid
GET http://192.168.123.200/api/v2/group/list?local&vdc=mygrid
GET http://192.168.123.200/api/v2/group/list?global&vdc=mygrid
{
"group" : [
{
"can_own" : "0",
"name" : "local:admin",
"description" : "",
"scope" : "local"
},
{
"can_own" : "0",
"name" : "local:all",
"description" : "implicitly contains all users as members",
"scope" : "local"
}
]
}
<groups>
<group>
<can_own>0</can_own>
<description></description>
<name>local:admin</name>
<scope>local</scope>
</group>
<group>
<can_own>0</can_own>
<description>implicitly contains all users as members</description>
<name>local:all</name>
<scope>local</scope>
</group>
</groups>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Show group information. The information displayed includes: group name, ID, scope, description, and principal group members.
/api/v2/group/get?group=group&vdc=controller-name
Name of the group
Name of the target virtual data center
synchronous
GET
GET http://192.168.123.200/api/v2/group/create?group=mygroup&vdc=mygrid
GET http://192.168.123.200/api/v2/group/get?group=mygroup&vdc=mygrid
{
"group" : {
"can_own" : "0",
"name" : "mygroup",
"id" : "1c534f9d-e26d-41e8-922f-4649743b9e98",
"description" : "",
"scope" : "local"
}
}
<group> <can_own>0</can_own> <description></description> <id>1c534f9d-e26d-41e8-922f-4649743b9e98</id> <name>mygroup</name> <scope>local</scope> </group>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (app).
- Argument group=group missing.
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Show group information. The information displayed includes: group name, ID, scope, description, and principal group members.
/api/v2/group/info?group=group&vdc=controller-name
Name of the group
Name of the target virtual data center
synchronous
GET
Get group information for group mygroup
GET http://192.168.123.200/api/v2/group/info?group=mygroup&vdc=mygrid
{
"group" : {
"members" : {
"members[2]" : {
"name" : "*",
"id" : "f29c1426-10c1-4715-a763-b0bcc4b8b9d5",
"type" : "user",
"scope" : "local"
},
"members[0]" : {
"name" : "apimig@3tera.com",
"id" : "e1a5357f-204b-4cd3-9ca8-9e09f45b21c6",
"type" : "user",
"scope" : "local"
},
"members[1]" : {
"name" : "api@3tera.com",
"id" : "4f865f5b-e63a-410a-9d9a-96427c3ecfc7",
"type" : "user",
"scope" : "local"
},
"members[3]" : {
"name" : "apoorva@3tera.com",
"id" : "b543eff7-db88-4d79-a11c-4de22d5e6d3b",
"type" : "user",
"scope" : "local"
}
},
"name" : "mygroup",
"id" : "a5cb10bc-7291-4a86-84f8-74419fc9ae63",
"description" : "us",
"scope" : "local"
}
}
<group>
<name>mygroup</name>
<description>us</description>
<id>a5cb10bc-7291-4a86-84f8-74419fc9ae63</id>
<members>
<name>apimig@3tera.com</name>
<id>e1a5357f-204b-4cd3-9ca8-9e09f45b21c6</id>
<scope>local</scope>
<type>user</type>
</members>
<members>
<name>api@3tera.com</name>
<id>4f865f5b-e63a-410a-9d9a-96427c3ecfc7</id>
<scope>local</scope>
<type>user</type>
</members>
<members>
<name>*</name>
<id>f29c1426-10c1-4715-a763-b0bcc4b8b9d5</id>
<scope>local</scope>
<type>user</type>
</members>
<scope>local</scope>
</group>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (app).
- Argument group=group missing.
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Replace a local group's description and entire membership.
/api/v2/group/put?group=group&description=description&principal=principal&vdc=controller-name
Name of the group
A URL-encoded owner description of the group
URL-encoded ‘/’ separated list of principals.
For example. local:user:api@3tera.com should be passed as local%3Auser%3Aapi%403tera.com
For example, local:user:api@3tera.com /local:user:test@3tera.com should be passed as local%3Auser%3Aapi%403tera.com%2Flocal%3Auser%3Atest%403tera.com
Name of the target virtual data center
synchronous
GET
Replace the entire description with “API GROUP” and membership with single principal local:user:api@3tera.com for mygroup
GET http://192.168.123.200/api/v2/group/put?group=mygroup&description=API%20Group&principal=local%3Auser%3Aapi%403tera.com&vdc=mygrid
Replace the entire description with “API GROUP” and membership with principals local:user:api@3tera.com and local:user:test@3tera.com for mygroup.
GET http://192.168.123.200/api/v2/group/put?group=mygroup&description=API%20Group&principal=local%3Auser%3Aapi%403tera.com%2Flocal%3Auser%3Atest%403tera.com&vdc=mygrid
{
"message" : ""
}
<message></message>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (group)
- Argument group=group missing
Missing required arguments (description)
- Argument description=description
Missing required arguments (principal)
- Argument principal=principal missing
Entity not found – Group mygroup does not exist.
- A group was specified that does not exist on mygrid.
Entity not found - Failed to put application ACL - invalid principal data - principal local user 'test@3tera.com' does not exist.
- An invalid principal was specified
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Replace a local group's description or membership.
/api/v2/group/modify?group=group&add_principal=add_principal&remove_principal=remove_principal&vdc=controller-name
Name of the group
URL-encoded ‘/’ separated list of principals to be added to the group.
For example, local:user:api@3tera.com should be passed as local%3Auser%3Aapi%403tera.com
For example, local:user:api@3tera.com /local:user:test@3tera.com should be passed as local%3Auser%3Aapi%403tera.com%2Flocal%3Auser%3Atest%403tera.com
URL-encoded ‘/’ separated list of principals to be removed from the group.
For example, local:user:api@3tera.com should be passed as local%3Auser%3Aapi%403tera.com
For example, local:user:api@3tera.com /local:user:test@3tera.com should be passed as local%3Auser%3Aapi%403tera.com%2Flocal%3Auser%3Atest%403tera.com
Name of the target virtual data center
synchronous
GET
Replace the entire description with “API GROUP” and but do not change the membership
GET
http://192.168.123.200/api/v2/group/modify?group=mygroup&description=API%20Group&add_principal=&remove_principal=&vdc=mygrid
Replace the entire description with “API GROUP” and add local:user:api@3tera.com to the membership and remove local:user:test@3tera.com from mygroup.
GET http://192.168.123.200/api/v2/group/put?group=mygroup&description=API%20Group&add_principal=local%3Auser%3Aapi%403tera.com&remove_principal=local%3Auser%3Atest%403tera.com&vdc=mygrid
Replace the entire description with “API GROUP” and remove local:user:api@3tera.com and local:user:test@3tera.com from mygroup.
GET http://192.168.123.200/api/v2/group/put?group=mygroup&description=API%20Group&remove_principal=local%3Auser%3Aapi%403tera.com%2Flocal%3Auser%3Atest%403tera.com&add_principal=&vdc=mygrid
{
"message" : ""
}
<message></message>
Entity vdc mygrid not found
- A VDC name was specified that is not configured in the WS_API application.
Missing required arguments (add_principal, remove_principal, can_own or description).
Entity not found – Group mygroup does not exist.
- A group was specified that does not exist on mygrid.
Entity not found - Failed to put application ACL - invalid principal data - principal local user 'test@3tera.com' does not exist.
- An invalid principal was specified
Note: This API is available with WS_API_r6-1.0.6-1 and above.
Display the new object ACL definition associated to a group, or display that portion of the new object ACL definition which relates to a particular principal.
/api/v2/group/get_newobj_acl?group=group&principal=principal&vdc=vdc
Name of the group. Prepend the group name with / to indicate a global group.
Name of the principal. <principal> is in the form:
Encoded principal in the form:
<name> - Local user or group.
/<name> - Global user or group.
<scope>:<type>:<name> - A fully qualified principal name where <scope> is 'global' or 'local', <type> is 'group' or 'user' and <name> is the group or user name.
For example, local:user:api@3tera.com=full should be passed as local%3Auser%3Aapi%403tera.com%3Dfull
If principal is an empty string, then the full new object ACL definition associated to a group is displayed; Otherwise, only the portion of the new object ACL definition which relates to a particular principal is displayed.
Name of the target virtual data center
synchronous
GET
GET http://192.168.123.200/api/v2/group/get_newobj_acl?group=apigroup&principal=&vdc=mygrid
<acl>
<entries>
<entry>
<full>1</full>
<id>a5cb10bc-7291-4a86-84f8-74419fc9ae63</id>
</entry>
</entries>
<owner>
<id></id>
</owner>
</acl>
{
"acl" : {
"owner" : {
"id" : ""
},
"entries" : [
{
"id" : "a5cb10bc-7291-4a86-84f8-74419fc9ae63",
"full" : 1
}
]
}
}
Entity vdc vdc not found - A VDC name was specified that is not configured in the WS_API application.
Entity not found - There is no principal name match for 'principal'
Missing required arguments (group). - Argument group=group missing in the request.
Note: This API is available with WS_API_r10-1.0.10-1 and above.
Replace the entire new object ACL definition associated to a group.
/api/v2/group/put_newobj_acl?group=group&acl=<ACLs>&vdc=controller-name
Name of the group; prepend the group name with / to indicate a global group.
URL-encoded ' / ' separated list of principals.
The principal for the owner must be a group.
For example, local:group:apigroup=full should be passed as local%3Agroup%3Aapigroup%3Dfull
For example, local:group:apigroup=full/local:user:test@3tera.com=configure should be passed as local%3Agroup%3Aapigroup%3Dfull%2Flocal%3Auser%3Atest%403tera.com%3Dconfigure
Name of the target virtual data center
synchronous
GET
GET http://192.168.123.200/api/v2/group/put_newobj_acl?group=apigroup&acl=apigroup%3Downer%2Ftest%403tera.com%3Dconfigure&vdc=mygrid
<message></message>
{
"message" : ""
}
Entity vdc controller-name not found - A VDC name was specified that is not configured in the WS_API application.
Entity not found - There is no principal name match for 'principal'
Missing required arguments (acl). - Argument acl=<ACL> missing in the request.
Missing required arguments (group). - Argument group=group missing in the request.
Note: This API is available with WS_API_r10-1.0.10-1 and above.
Replace that portion of a new object ACL definition associated to a group which relates to the owner or a principal entry.
/api/v2/group/modify_newobj_acl?group=group&acl=<ACLs>&vdc=controller-name
Name of the group; prepend the group name with / to indicate a global group.
URL-encoded ' / ' separated list of principals.
The principal for the owner must be a group.
For example, local:group:apigroup=full should be passed as local%3Agroup%3Aapigroup%3Dfull
For example, local:group:apigroup=full/local:user:test@3tera.com=configure should be passed as local%3Agroup%3Aapigroup%3Dfull%2Flocal%3Auser%3Atest%403tera.com%3Dconfigure
Name of the target virtual data center
synchronous
GET
GET http://192.168.123.200/api/v2/group/modify_newobj_acl?group=apigroup&acl=apigroup%3Downer%2Ftest%403tera.com%3Dconfigure&vdc=mygrid
<message></message>
{
"message" : ""
}
Entity vdc controller-name not found - A VDC name was specified that is not configured in the WS_API application.
Entity not found - There is no principal name match for 'principal'
Missing required arguments (acl). - Argument acl=<ACL> missing in the request.
Missing required arguments (group). - Argument group=group missing in the request.
Note: This API is available with WS_API_r10-1.0.10-1 and above.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|