Module: UU::OS::AccessRole Deprecated

Extended by:
AccessRole
Included in:
AccessRole
Defined in:
uu_os-0.29.16/lib/uu/os/access_role.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_create.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_attributes.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_set_attributes.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_add_role_interface.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_remove_role_interface.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_get_role_interface_list.rb,
uu_os-0.29.16/lib/uu/os/access_role/access_role_get_role_interface_list_item.rb

Overview

Deprecated.

Use PersonalAccessRole instead.

Access Role service.

Defined Under Namespace

Classes: AccessRoleAddRoleInterface, AccessRoleAttributes, AccessRoleCreate, AccessRoleGetRoleInterfaceList, AccessRoleGetRoleInterfaceListItem, AccessRoleRemoveRoleInterface, AccessRoleSetAttributes

Constant Summary

PATH =

Service path of the REST API.

'ues/core/role/UESAccessRole'

Instance Method Summary (collapse)

Instance Method Details

- (Object) activate_access(access_role_uri)

This command activates an access role. The access role will have access to its territory.

Examples:

# Activate access for specified access role.
UU::OS::AccessRole.activate_access('ues:TERRITORY:ACCESS_ROLE')

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of an access role that the access will be reactivated.



208
209
210
211
212
213
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 208

def activate_access(access_role_uri)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('activateAccess', access_role_uri)
  end
end

- (Object) add_role_interface(access_role_uri, access_role = nil)

This command creates new role interface connection to the specified access role. The role interface has to be in an active state and mustn't be already connected. The role interface has to be connected to the one of the authorized roles for this command, or the authorized role has to be casted to the default group of meta model where the role interface is located.

Examples:

# Add role interface for specified access role.
UU::OS::AccessRole.add_role_interface('ues:TERRITORY:ACCESSROLE', :role_interface_uri=>'ues:TERRITORY:ROLEIFC')

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of the access role where the role interface will be connected

  • access_role (AccessRoleAddRoleInterface) (defaults to: nil)

    DTO containing role interface that to be connected

Options Hash (access_role):

  • :role_interface_uri (String, UU::OS::UESURI)

    UESURI of the role interface that to be connected to the specified access role. When nil is set, the command fails.



175
176
177
178
179
180
181
182
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 175

def add_role_interface(access_role_uri, access_role = nil)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  payload = UU::OS::AccessRole::AccessRoleAddRoleInterface.new(access_role).to_json

  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('addRoleInterface', access_role_uri, payload)
  end
end

- (UU::OS::UESURI) create(location_uri, access_role = nil)

Creates a new access role. The command creates a new access role in aspecified location. At the very least meta artifact must bespecified in AccessRoleCreate DTO. Competent role for the new role will be selected as the most suitable according to the specified container and meta artifact (executive/authorized role with connected interface), or can be also specified in AccessRoleCreate DTO.

Examples:

# Create access role in specified location.
UU::OS::AccessRole.create('ues:UNI:FOLDER', :meta_artifact_uri=>'ues:TER:METAARTIFACT',:universe_id=>'37820001', :first_name=>'John', :surname=>'Doe', :code=>'DOECODE', :description=>'Some sample description',:searchable_in_territory=>true)

Parameters:

  • location_uri (String, UU::OS::UESURI)

    UESURI of the folder/org. unit/meta model where the access role will be created.

  • access_role (AccessRoleCreate) (defaults to: nil)

    DTO containing attributes of the new access role

Options Hash (access_role):

  • :meta_artifact_uri (String, UU::OS::UESURI)

    UESURI of the meta artifact. Only a meta artifact with the template class of an Access role (not its descendants) can be used. If the rights does not permit to create a new access role from the meta artifact in the specified location, the create command fails.

  • :universe_id (String)

    Universe identifier of the user. When nil is set, the create command fails.

  • :first_name (String)

    First name of the new access role. When nil is set, the create command fails.

  • :surname (String)

    Surname of the new access role. When nil is set, the create command fails.

  • :code (String)

    Code of the new access role. When nil is set, the code is generated automatically using the system sequence. The code must be unique in the given territory, otherwise the create command fails.

  • :description (String)

    Description of the new access role. When nil is set, description from meta artifact is used if set, otherwise no description is set on the new access role.

  • :competent_role_uri (String, UU::OS::UESURI)

    UESURI of the competent role. When nil is set, the executive role from authorization is used. If no role is authorized to create the access role into specified container, the create command fails. If the selected role doesn’t have connected the access role interface with the selected meta artifact, the create command fails. If the selected role doesn’t belong to the same organizational unit as anew role or if it doesn’t belong to one of superior organizational units, the create command fails.

  • :security_level (UU::OS::Artifact::SecurityLevel)

    Security level. When nil is set, security level is taken from the meta artifact default security level. If the meta artifact template security level is higher than the user’s security clearance, the create command fails.

  • :security_clearance (UU::OS::Artifact::SecurityLevel)

    Security clearance of the new access role. When nil is set, the value NO_CONFIDENTIALITY is used.

  • :searchable_in_territory (Boolean)

    Specifies if it is possible to search the new access role in its territory. When nil is set, SearchableInTerritory from meta artifact is used if set, otherwise the create command fails.

  • :icon_uri (String, UU::OS::UESURI)

    URI of the role’s icon. When nil is set, the icon is not modified. If nil UESURI (“ues:[-1]:[-1]:”) is set, the role icon is removed and the role uses icon from meta artifact. Allowed format of icon URI: ‘ues:#{system}:#{ues_v5.core_v1.codetable_v1.base_v1.CodeTable_Icons}:#{CODE_OF_ICON}’. An example of icon URI: ‘ues:#{system}:#{ues_v5.core_v1.codetable_v1.base_v1.CodeTable_Icons}:#{ART_077}’.

  • :grant_all_from_organizational_unit (Boolean)

    Deprecated. Specifies if the access role will be included among All roles from organizational unit. When true or nil is set, the access role will be included, otherwise it will not be included among All roles from organizational unit.

  • :component_content (Boolean)

    Defines whether the primarily displayed content of the created Access role is component content. Default value is false.

Returns:

Raises:

  • (UESAccessRoleRTException) 


104
105
106
107
108
109
110
111
112
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 104

def create(location_uri, access_role = nil)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  payload = UU::OS::AccessRole::AccessRoleCreate.new(access_role).to_json

  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.post('create', location_uri, payload)
    return UU::OS::UESURI.new(res)
  end
end

- (Object) deactivate_access(access_role_uri)

This command deactivates an access role. The access role will lose access to its territory.

Examples:

# Deactivate access for specified access role.
UU::OS::AccessRole.deactivate_access('ues:TERRITORY:ACCESSROLE')

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of an access role that the access will be canceled.



193
194
195
196
197
198
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 193

def deactivate_access(access_role_uri)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('deactivateAccess', access_role_uri)
  end
end

- (AccessRoleAttributes) get_attributes(access_role_uri)

This command returns attributes representing the personal access role specified by the access_role_uri parameter. The command does not change the state of the role in the system.

Examples:

# Get attributes of access role.
getAttributes = UU::OS::AccessRole.get_attributes('ues:UNI:ACCESSROLE')

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of a personal access role whose attributes are returned

Returns:



34
35
36
37
38
39
40
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 34

def get_attributes(access_role_uri)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getAttributes', access_role_uri)
    return AccessRole::AccessRoleAttributes.new(res)
  end
end

- (UU::OS::REST::ResultList<AccessRole::AccessRoleGetRoleInterfaceList, AccessRole::AccessRoleGetRoleInterfaceListItem>) get_role_interface_list(access_role_uri, criteria = nil)

Returns list of the role interfaces that are connected to the specified access role. The list of returned interfaces could be filtered by the name or code. Returned list does not contain any objects filtered out by executed UESQuery. The list is sorted by the name (and by code in case are equal) of an interface by default.

Examples:

# Get role interface list for specified access role.
roleIfcList = UU::OS::AccessRole.get_role_interface_list('ues:TERRITORY:ACCESSROLE')

Parameters:

Options Hash (criteria):

  • query (String)

    # The UES query string. It has to conform the uesquery syntax (see documentation for more info). Filtering and order of the result list can be specified there. When nil is set, no filtering is applied and entries are ordered by name of casted subjects (and code as the second criteria). See UESQuery Documentation.

Returns:



129
130
131
132
133
134
135
136
137
138
139
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 129

def get_role_interface_list(access_role_uri, criteria = nil)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  dto = AccessRole::AccessRoleGetRoleInterfaceList.new(criteria)
  svc.add_parameter('pageIndex', dto.page_index)
  svc.add_parameter('pageSize', dto.page_size)
  svc.add_parameter('query', dto.query)
  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getRoleInterfaceList', access_role_uri)
    return UU::OS::REST::ResultList.new(AccessRole::AccessRoleGetRoleInterfaceList, AccessRole::AccessRoleGetRoleInterfaceListItem, res)
  end
end

- (Object) remove_role_interface(access_role_uri, access_role = nil)

The command removes role interface connection from the specified access role. Only connected interfaces can be disconnected from the access role.

Examples:

# Remove role interface from specified access role.
UU::OS::AccessRole.remove_role_interface('ues:TERRITORY:ACCESSROLE', :role_interface_uri=>'ues:TERRITORY:ROLEIFC')

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of the access role where the role interface will be disconnected

  • access_role (AccessRoleRemoveRoleInterface) (defaults to: nil)

    DTO containing role interface that to be disconnected

Options Hash (access_role):

  • :role_interface_uri (String, UU::OS::UESURI)

    UESURI of the role interface that to be unconnected from the specified access role. When nil is set, the command fails.



152
153
154
155
156
157
158
159
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 152

def remove_role_interface(access_role_uri, access_role = nil)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  payload = UU::OS::AccessRole::AccessRoleRemoveRoleInterface.new(access_role).to_json

  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('removeRoleInterface', access_role_uri, payload)
  end
end

- (UU::OS::UESURI) set_attributes(access_role_uri, access_role = nil)

Command for setting attributes of an access role. The command can't modify references to objects like location, competent role and so on.

Examples:

# Set access role confidential and not search able in territory.
accessRoleUri = UU::OS::AccessRole.set_attributes('ues:UNI:ACCESSROLE', :first_name=>'John', :surname=>'Doe', :code=>'NEWACCESSCODE', :description=>'Some basic access role',:security_level=>UU::OS::Artifact::SecurityLevel::CONFIDENTIAL,:searchable_in_territory=>false)

Parameters:

  • access_role_uri (String, UU::OS::UESURI)

    UESURI of the access role whose attributes are to be changed

  • access_role (AccessRoleSetAttributes) (defaults to: nil)

    DTO containing new attributes theaccess role

Options Hash (access_role):

  • :first_name (String)

    The new first name of the access role. When nil is set, the first name is not modified.

  • :surname (String)

    The new surname of the access role. When nil is set, the surname is not modified.

  • :code (String)

    The new code of the access role. When nil is set, the code is not modified. When blank string is set, the code is generated automatically using the system sequence. The code must be unique in a given territory, otherwise the setAttributes command fails.

  • :description (String)

    The new description of the access role. When nil is set, the description is not modified.

  • :security_level (UU::OS::Artifact::SecurityLevel)

    Security level of the new access role. When nil is set, security level is taken from the meta artifact SecurityLevel. If the meta artifact SecurityLevel is higher than the user’s security clearance, the create command fails.

  • :security_clearance (UU::OS::Artifact::SecurityLevel)

    Security clearance of the new access role. When nil is set, the security clearance is not modified.

  • :searchable_in_territory (Boolean)

    Specifies if it is possible to search the access role in its territory. When nil is set, this attribute on the access role is not modified.

  • :icon_uri (String, UU::OS::UESURI)

    URI of the role’s icon. When nil is set, the icon is not modified. If nil UESURI (“ues:[-1]:[-1]:”) is set, the role icon is removed and the role uses icon from meta artifact. Allowed format of icon URI: ‘ues:#{system}:#{ues_v5.core_v1.codetable_v1.base_v1.CodeTable_Icons}:#{CODE_OF_ICON}’. An example of icon URI: ‘ues:#{system}:#{ues_v5.core_v1.codetable_v1.base_v1.CodeTable_Icons}:#{ART_077}’.

  • :grant_all_from_organizational_unit (Boolean)

    Deprecated. Specifies if the access role will be included among All roles from organizational unit. When nil is set, this attribute on the access role is not modified.

  • :component_content (Boolean)

    Defines whether the primarily displayed content of the created Access role is component content. Default value is false.

Returns:



64
65
66
67
68
69
70
71
72
 
# File 'uu_os-0.29.16/lib/uu/os/access_role.rb', line 64

def set_attributes(access_role_uri, access_role = nil)
  svc = UU::OS::REST::RemoteClient.new(AccessRole)
  payload = UU::OS::AccessRole::AccessRoleSetAttributes.new(access_role).to_json

  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.post('setAttributes', access_role_uri, payload)
    return UU::OS::UESURI.new(res)
  end
end