Web Services Developer's Guide → Web Services API Reference → SBM Administrative Web Services → Administrative Calls → SetGroupPrivileges
This services sets or revokes privileges for a specified group.
Argument | Type | Description |
---|---|---|
auth (optional) | Auth | The Auth type supplies credentials and optionally, a host name for licensing. The userId and password can be specified with HTTP BASIC or WS-SECURITY instead. |
group | GroupIdentifier | Indicates the group for which privileges should be set or revoked. |
privilege | PrivilegeInfo | Indicates the name and assignment information for a privilege. |
One or more PrivilegeHolder responses are returned. The privileges are returned in the context of the specified group. The privilege name, type, access information, and objectId (if the privilege applies only to a particular object like a project or table) are returned. For more information, see PrivilegeHolder.
This call enables you to grant or revoke one or more privileges for a group. Use the GetPrivilegeTypes and GetTypePrivileges calls to get available privilege types and privilege names.
If a privilege is specified, but no access information is sent, the privilege is automatically set to REVOKED. To successfully grant or revoke a privilege, you must supply the privilege's corresponding object unless specified otherwise.
The following table lists the available user privilege types and their corresponding objects. (Send any of the following privilege types using GetTypePrivileges to return the type's associated privileges).
Privilege Type | Associated objectId |
---|---|
TS_PRIVTYPE_USERPRJ |
Project – To grant groups project-type privileges, you must include the project displayName, id, or uuid in the <urn:objectId> argument. Tip: You do not send project information using the
privilege.projectId element. Use one of the objectId parameters instead.
|
TS_PRIVTYPE_USERWKF |
Workflow – Not used. There are no workflow-based privileges for users that you can grant or revoke in SBM. |
TS_PRIVTYPE_USERFLD |
Folder – To grant groups folder-type privileges, you must include the folder displayName, id, or uuid in the <urn:objectId> argument. |
TS_PRIVTYPE_USERTBL |
Table – To grant groups table-type privileges, you must include the table displayName, id, or uuid in the <urn:objectId> argument. |
TS_PRIVTYPE_USERSYS |
System – Not bound to a specific object, so objectId parameters can be empty. |
The following table lists the available administrator privilege types and their corresponding objects. (Send any of the following privilege types using GetTypePrivileges to return the type's associated privileges).
Privilege Type | Associated objectId |
---|---|
TS_PRIVTYPE_ADMSYS |
System – Not bound to a specific object, so objectId parameters can be empty. |
TS_PRIVTYPE_ADMPRJ |
Project – To grant groups administrative project-type privileges, you must include the project displayName, id, or uuid in the <urn:objectId> argument. Tip: You do not send project information using the
privilege.projectId element. Use one of the objectId parameters instead.
|
TS_PRIVTYPE_ADMWKF |
Workflow – To grant groups administrative workflow-type privileges, you must include the workflow displayName, id, or uuid in the <urn:objectId> argument. |
TS_PRIVTYPE_ADMFLD_PRJ |
Override Ordering for Default Fields – To grant groups administrative override-type privileges for fields in projects, you must include the project displayName, id, or uuid in the <urn:objectId> argument. |
TS_PRIVTYPE_ADMFLD_WKF |
Workflow – Not used. There are no workflow-based field privileges for administrators that you can grant or revoke in SBM. |
TS_FLDPRIVTYPE_ADMFLD |
Field – To grant groups administrative field-type privileges, you must include the field displayName, id, or uuid in the <urn:objectId> argument. Important: You must include a project value in
projectId in order to identify the correct
field in the correct project.
|
TS_FLDPRIVTYPE_ADMGRP |
Group – To grant groups administrative group-type privileges, you must include the group displayName, id, or uuid in the <urn:objectId> argument. |
TS_FLDPRIVTYPE_ADMTBL |
Table – To grant groups administrative table-type privileges, you must include the table displayName, id, or uuid in the <urn:objectId> argument. |
TS_PRIVTYPE_ADMCON |
Deployment – Not bound to a specific object, so objectId parameters can be empty. |
The following XML is a snippet of the payload that is sent with SetGroupPrivileges.
<urn:SetGroupPrivileges> <urn:auth> <urn:userId>bill</urn:userId> <urn:password></urn:password> <urn:hostname></urn:hostname> </urn:auth> <urn:group> <urn:displayName>Everyone</urn:displayName> </urn:group> <urn:privilege> <urn:privilegeId> <urn:name>TS_USRPRJPRIV_DELETE</urn:name> </urn:privilegeId> <urn:access>GRANTED</urn:access> <urn:objectId> <urn:displayName>IM Project</urn:displayName> <urn:id></urn:id> <urn:uuid></urn:uuid> </urn:objectId> </urn:privilege> </urn:SetGroupPrivileges>
Copyright © 2007–2016 Serena Software, Inc. All rights reserved.