SetGroupRoles

Description

This services sets or revokes roles for a specified group.

Arguments

Argument Type Description
auth (optional) Auth The Auth type supplies credentials and optionally, a host name for licensing. The userId and password can be specified with HTTP BASIC or WS-SECURITY instead.
group GroupIdentifier Indicates the group for which roles should be set or revoked.
role RoleInfo Indicates the name and assignment information for a role.

Response

One or more RoleHolder responses are returned. The roles are returned in the context of the specified group. The role name, project, and access information are returned. For more information, see RoleHolder.

Usage

This call enables you to set one or more roles for a group. Roles might be granted, revoked, or inherited according to the <urn:access> parameter; however, this service only manages explicit group roles without affecting the role inheritance tree. When a role is explicitly revoked for a particular project, the group nevertheless might still have that role due to inheritance from the upper-level project. To check the actual state of role availability for a particular group, use the HasGroupRole or GetGroupRoles calls.

If an invalid role or no role is specified, the call will succeed, but no role information will be returned.

Faults

XML

The following XML is a snippet of the payload that is sent with SetGroupRoles.

<urn:SetGroupRoles>
    <urn:auth>
        <urn:userId>bill</urn:userId>
        <urn:password></urn:password>
        <urn:hostname></urn:hostname>
    </urn:auth>
    <urn:group>
        <urn:displayName>IDM View Only</urn:displayName>
    </urn:group>
    <urn:role>
        <urn:id>
            <urn:displayName>IDM Team</urn:displayName>
            <urn:projectId>
                <urn:displayName>IDM Project</urn:displayName>
            </urn:projectId>
        </urn:id>
        <urn:access>GRANTED</urn:access>
    </urn:role>
    <urn:role>
        <urn:id>
            <urn:displayName>IDM Administrator</urn:displayName>
            <urn:projectId>
                <urn:displayName>IDM Project</urn:displayName>
            </urn:projectId>
        </urn:id>
        <urn:access>INHERITED</urn:access>
    </urn:role>
</urn:SetGroupRoles>