Note: In a Central Management environment, the object to which you want to add a role may reside on the Central Manager or on a managed unit. See the Overview of the Aggregation & Central Management help book, for more information.
Add a role to the specified object - a Classification process, for example. Dependencies are checked before adding the role. For example, before adding a role to a Classification process, that role must be assigned to all components contained by that Classification process (the classification policy and any datasources referenced).
|
Parameter |
Description |
|
objectTypeId |
Required (integer). Identifies the type of object to which the role will be assigned. It must be one of the following integers: 1=Query 2=Report 3=Alert 4=Baseline 5=Policy 6=SecurityAssessment 7=PrivacySet 8=AuditProcess 12=CustomTable 13=Datasource 14=CustomDomain 15=ClassifierPolicy 16=ClassificationProcess |
|
objectId |
Required (integer). Identifies the object to which the role will be assigned. |
|
roleId |
Required (integer). Identifies the role to assign. This can be any existing role ID, or the special value -1, which allows access by all roles. |
grdapi grant_role_to_object_by_id objectTypeId=13 objectId=2 roleId=3
|
ERR |
Description |
|
202 |
Could not retrieve App Object Type - check objectTypeId. |
|
203 |
Could not retrieve Role - check roleId. |
|
204 |
Could not retrieve assigned roles. |
|
205 |
could not add the role - possible cause dependency issues. |
|
206 |
could not add the role - error while checking dependencies. |
|
207 |
could not add the role - error while assigning the role. |
|
208 |
Role added successfully - error while handling report portlet. |
|
209 |
could not add the role. |
|
210 |
could not add the role. possible cause objectId not found. |
Add a role to the specified object - a Classification process, for example. Dependencies are checked before adding the role. For example, before adding a role to a Classification process, that role must be assigned to all components contained by that Classification process (the classification policy and any datasources referenced).
|
Parameter |
Description |
|
objectType |
Required. Identifies the type of object to which the role will be assigned. It must be one of the following: Query Report Alert Baseline Policy SecurityAssessment PrivacySet AuditProcess CustomTable Datasource CustomDomain ClassifierPolicy ClassificationProcess |
|
objectName |
Required. The name of the object (the query or report, for example) to which the role will be assigned. |
|
role |
Required. The name of the role to assign. This can be any existing role, or all_roles to allow access by all roles. |
grdapi grant_role_to_object_by_Name objectType=Datasource objectName= “swanSybase” role=admin
|
ERR |
Description |
|
200 |
Invalid ObjectType - should be one of :Query, Report, Alert, Baseline, Policy, SecurityAssessment, PrivacySet, AuditProcess, CustomTable, Datasource, CustomDomain, ClassifierPolicy, ClassificationProcess. |
|
201 |
Invalid role - should either be all_roles or any of existing roles. |
|
204 |
Could not retrieve assigned roles. |
|
205 |
could not add the role - possible cause dependency issues. |
|
206 |
could not add the role - error while checking dependencies. |
|
207 |
could not add the role - error while assigning the role. |
|
208 |
Role added successfully - error while handling report portlet. |
|
209 |
could not add the role. |
|
211 |
Could not retrieve Object - check objectName. |
|
212 |
Could not retrieve App Object Type - check objectType. |
Displays the roles assigned to the specified object - a Classification process, for example.
|
Parameter |
Description |
|
objectTypeID |
Required (integer). Identifies the type of object for which roles will be displayed. It must be one of the following integers: 1=Query 2=Report 3=Alert 4=Baseline 5=Policy 6=SecurityAssessment 7=PrivacySet 8=AuditProcess 12=CustomTable 13=Datasource 14=CustomDomain 15=ClassifierPolicy 16=ClassificationProcess |
|
objectID |
Required (integer). Identifies the specific instance of the object, for which the roles assigned will be displayed. |
grdapi list_roles_granted_to_object_by_id objectTypeId=7 objectId=1
|
ERR |
Description |
|
202 |
Could not retrieve App Object Type - check objectTypeId. |
|
204 |
Could not retrieve assigned roles. |
|
241 |
Could not read the roles - no App Object Type |
|
242 |
could not read the role. possible cause objectId not found. |
Displays the roles assigned to the specified object - a Classification process, for example.
|
Parameter |
Description |
|
objectType |
Required. Identifies the type of object for which roles will be displayed. It must be one of the following integers: Query Report Alert Baseline Policy SecurityAssessment PrivacySet AuditProcess CustomTable Datasource CustomDomain ClassifierPolicy ClassificationProcess |
|
objectName |
Required. The name of the object (the query or report, for example) , for which the roles assigned will be displayed. |
grdapi list_roles_granted_to_object_by_Name objectType=PrivacySet
objectName="privaceSet 1"
|
ERR |
Description |
|
200 |
Invalid ObjectType - should be one of :Query, Report, Alert, Baseline, Policy, SecurityAssessment, PrivacySet, AuditProcess, CustomTable, Datasource, CustomDomain, ClassifierPolicy, ClassificationProcess. |
|
204 |
Could not retrieve assigned roles. |
|
211 |
Could not retrieve Object - check objectName. |
|
212 |
Could not retrieve App Object Type - check objectType. |
|
241 |
Could not read the roles - no App Object Type |
Removes a role from the specified object - a Classification process, for example. Dependencies are handled automatically. For example, if the role foo is removed from a specific query, the role foo will also be removed from any report based on that query.
|
Parameter |
Description |
|
objectTypeId |
Required (integer). Identifies the type of object from which the role will be removed. It must be one of the following integers: 1=Query 2=Report 3=Alert 4=Baseline 5=Policy 6=SecurityAssessment 7=PrivacySet 8=AuditProcess 12=CustomTable 13=Datasource 14=CustomDomain 15=ClassifierPolicy 16=ClassificationProcess |
|
objectId |
Required (integer). Identifies the object from which the role will be removed. |
|
roleId |
Required (integer). Identifies the role to be removed. This can be any existing role ID, or the special value -1, meaning remove all roles. |
grdapi revoke_role_from_object_by_Name objectType=Datasource
objectName= “swanSybase” role=admin
|
ERR |
Description |
|
202 |
Could not retrieve App Object Type - check objectTypeId. |
|
203 |
Could not retrieve Role - check roleId. |
|
204 |
Could not retrieve assigned roles. |
|
220 |
Could not remove roleId, This object has all_roles assigned to it. |
|
221 |
Could not remove roleId, error while removing the role |
|
222 |
Role removed successfully - error while handling report portlet. |
|
223 |
Role removed successfully - error while adjusting dependent roles. |
|
224 |
could not remove the role. possible cause objectId not found. |
Removes a role from the specified object - a Classification process, for example. Dependencies are handled automatically. For example, if the role foo is removed from a specific query, the role foo will also be removed from any report that uses that query.
|
Parameter |
Description |
|
objectType |
Required. Identifies the type of object from which the role will be removed. It must be one of the following: Query Report Alert Baseline Policy SecurityAssessment PrivacySet AuditProcess CustomTable Datasource CustomDomain ClassifierPolicy ClassificationProcess |
|
objectName |
Required. The name of the object (the query or report, for example) from which the role will be removed. |
|
role |
Required. The name of the role to remove. This can be any existing role, or all_roles to remove all roles (only the owner will be able to access this object). |
grdapi revoke_role_from_object_by_Name objectType=Datasource
objectName= “swanSybase” role=admin
|
ERR |
Description |
|
200 |
Invalid ObjectType - should be one of :Query, Report, Alert, Baseline, Policy, SecurityAssessment, PrivacySet, AuditProcess, CustomTable, Datasource, CustomDomain, ClassifierPolicy, ClassificationProcess. |
|
201 |
Invalid role - should either be all_roles or any of existing roles. |
|
204 |
Could not retrieve assigned roles. |
|
211 |
Could not retrieve Object - check objectName. |
|
212 |
Could not retrieve App Object Type - check objectType. |
|
220 |
Could not remove roleId, This object has all_roles assigned to it. |
|
221 |
Could not remove roleId, error while removing the role |
|
222 |
Role removed successfully - error while handling report portlet. |
|
223 |
Role removed successfully - error while adjusting dependent roles. |