SetUserRoles

Description

This services sets or revokes roles for a specified user.

Arguments

Argument Type Description
auth (optional) Auth The Auth type supplies credentials and optionally, a host name for licensing. The userId and password can be specified with HTTP BASIC or WS-SECURITY instead.
user UserIdentifier Indicates the user for which roles should be set or revoked.
role RoleInfo Indicates the name and assignment information for a role.

Response

One or more RoleHolder responses are returned. The roles are returned in the context of the specified user. The role name, project, and access information are returned. For more information, see RoleHolder.

Usage

This call enables you to set one or more roles for a user. Roles might be granted, revoked, or inherited according to the <urn:access> parameter; however, this service only manages explicit user roles without affecting the role inheritance tree. When a role is explicitly revoked for a particular project, the user nevertheless might still have that role due to inheritance from the upper-level project. To check the actual state of role availability for a particular user, use the HasUserRole or GetUserRoles calls.

If an invalid role or no role is specified, the call will succeed, but no role information will be returned.

Faults

XML

The following XML is a snippet of the payload that is sent with SetUserRoles.

<urn:SetUserRoles>
    <urn:auth>
        <urn:userId>bill</urn:userId>
        <urn:password></urn:password>
        <urn:hostname>localhost</urn:hostname>
    </urn:auth>
    <urn:user>
        <urn:loginId>john</urn:loginId>
    </urn:user>
    <urn:role>
        <urn:id>
            <urn:displayName>IDM Team</urn:displayName>
            <urn:projectId>
                <urn:displayName>IDM Project</urn:displayName>
            </urn:projectId>
        </urn:id>
        <urn:access>GRANTED</urn:access>
    </urn:role>
    <urn:role>
        <urn:id>
            <urn:displayName>IDM Administrator</urn:displayName>
            <urn:projectId>
                <urn:displayName>IDM Project</urn:displayName>
            </urn:projectId>
        </urn:id>
        <urn:access>REVOKED</urn:access>
    </urn:role>
</urn:SetUserRoles>