Module: UU::OS::Permission

Extended by:
Permission
Included in:
Permission
Defined in:
uu_os_client-0.10.6/lib/uu/os/permission.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_grant.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_level.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_revoke.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_mask_list.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_authority_list.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_authority_data.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_mask_attributes.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_system_group_list.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_authority_list_item.rb,
uu_os_client-0.10.6/lib/uu/os/permission/permission_get_system_group_attributes.rb

Overview

Module Permission.

Defined Under Namespace

Classes: PermissionGetAuthorityData, PermissionGetAuthorityList, PermissionGetAuthorityListItem, PermissionGetMaskAttributes, PermissionGetMaskList, PermissionGetSystemGroupAttributes, PermissionGetSystemGroupList, PermissionGrant, PermissionLevel, PermissionRevoke

Constant Summary

PATH =

REST service url path.

'ues/core/security/UESPermission'

Instance Method Summary (collapse)

Instance Method Details

- (UU::OS::REST::BinaryValue) get_authority_data(entity_uri, options)

Returns data about permissions granted to the given authority (Role, Group or System Group) on object (only Artifacts in current version).
To list all authorities with granted permissions use uuCommand #get_authority_list.

Examples:

# Get permissions granted to Group or Role in JSON format.
UU::OS::Permission.get_authority_data('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:TERRITORY:ROLE')

# Get permissions granted to System Group in JSON format.
UU::OS::Permission.get_authority_data('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:${system}:COMPETENT_FOR_ART_IFC')

# Get permissions granted to Group or Role in CSV format.
UU::OS::Permission.get_authority_data('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:TERRITORY:ROLE', :requested_mime_type => 'text/csv')

Parameters:

Options Hash (options):

  • :authority_uri (String, UU::OS::UESURI)

    UESURI of the authority whose granted permission settings will be returned. Must not be nil.

  • :requested_mime_type (String)

    MIME type of the returned value. Possible values are ‘application/json’ for JSON and ‘text/csv’ for CSV. JSON is returned by default.

Returns:



149
150
151
152
153
154
155
156
157
158
159
160
161
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 149

def get_authority_data(entity_uri, options)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  dto = UU::OS::Permission::PermissionGetAuthorityData.new(options)
  svc.add_parameter('authorityUri', dto.authority_uri)
  if dto.requested_mime_type
    svc.add_parameter('requestedMimeType', dto.requested_mime_type)
  end

  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getAuthorityData', entity_uri)
    return UU::OS::REST::BinaryValue.new(res, true)
  end
end

- (Array) get_authority_list(entity_uri, criteria = nil)

Returns a list of authorities (Roles, Groups or System Groups) who have been granted permissions on a object (only Artifacts in current version).

Examples:

# Get a list of all authorities which have been granted permissions for a Artifact.
UU::OS::Permission.get_authority_list('ues:TERRITORY:ARTIFACT')

# Get a list of all authorities with authorityName that starts with string John.
UU::OS::Permission.get_authority_list('ues:TERRITORY:ARTIFACT', :query => "authorityName='John%'")

=> { "UU::OS::REST::ResultList" : {
   "total_size" : "1" ,
   ...
   "page_entries" : [ {
      "UU::OS::Permission::PermissionGetAuthorityListItem" : {
         "authorityName" : "John Role" ,
         "authorityUri" : "ues:TERRITORY:JOHN_ROLE",
         ...
         "maskName" : "Read",
         "maskUri" : "ues:TERRITORY:META_ARTIFACT:MASK"
      }
   } ]
} }

Parameters:

Options Hash (criteria):

  • :query (String)

    Query for filtering and ordering of the result list (more information in uuQuery - Guideline). It is possible to filter the result list by authorityUri and authorityName.

Returns:



118
119
120
121
122
123
124
125
126
127
128
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 118

def get_authority_list(entity_uri, criteria = nil)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  dto = Permission::PermissionGetAuthorityList.new(criteria)
  svc.add_parameter('pageIndex', dto.page_index)
  svc.add_parameter('pageSize', dto.page_size)
  svc.add_parameter('query', dto.query)
  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getAuthorityList', entity_uri)
    return UU::OS::REST::ResultList.new(Permission::PermissionGetAuthorityList, Permission::PermissionGetAuthorityListItem, res)
  end
end

- (Array) get_mask_list(artifact_uri, criteria = nil)

Returns a list of permission masks for an Artifact.

Examples:

# Get a list of all permission masks whose name starts with string "Create" and code starts with string "CREATE".
UU::OS::Permission.get_mask_list('ues:TERRITORY:ARTIFACT', :query => "name='Create%' AND code='CREATE%'")

Parameters:

Options Hash (criteria):

  • :query (String)

    Query for filtering and ordering of the result list (more information in uuQuery - Guideline). It is possible to filter the result list by name and code.

Returns:



174
175
176
177
178
179
180
181
182
183
184
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 174

def get_mask_list(artifact_uri, criteria = nil)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  dto = Permission::PermissionGetMaskList.new(criteria)
  svc.add_parameter('pageIndex', dto.page_index)
  svc.add_parameter('pageSize', dto.page_size)
  svc.add_parameter('query', dto.query)
  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getMaskList', artifact_uri)
    return UU::OS::REST::ResultList.new(Permission::PermissionGetMaskList, Permission::PermissionGetMaskAttributes, res)
  end
end

- (Array) get_system_group_list(entity_uri, criteria = nil)

Returns a list of System Groups of an entity (object or pack). It may be used to set permissions for these groups.

Examples:

# Get a list of all System Groups for given entity.
UU::OS::Permission.get_system_group_list('ues:TERRITORY:ARTIFACT')

Parameters:

  • entity_uri (String, UU::OS::UESURI)

    UESURI of the object. Must not be nil.

Returns:



195
196
197
198
199
200
201
202
203
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 195

def get_system_group_list(entity_uri, criteria = nil)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  dto = Permission::PermissionGetSystemGroupList.new(criteria)

  UU::OS::QoS::QoSHandler.auto_retry do
    res = svc.get('getSystemGroupList', entity_uri)
    return UU::OS::REST::ResultList.new(Permission::PermissionGetSystemGroupList, Permission::PermissionGetSystemGroupAttributes, res)
  end
end

- (Object) grant(entity_uri, permission)

Grants permissions on objects (only Artifacts in current version) according to given Permission Mask or according to detailed permission specification (defined access level for chosen use cases). It is possible to grant permission on objects for any allowed authority (Role, Group or System Group).
To list all allowed system groups use uuCommand #get_system_group_list.
All possible levels may be found as constants in PermissionLevel class.

Examples:

# Prepare data for the permission in JSON format.
grant_data = '[{"useCaseCode":"AU_103129","castLevel":"$GUEST"}]'

# Grant permissions for Group or Role according to detailed permission specification.
UU::OS::Permission.grant('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:TERRITORY:ROLE', :data => grant_data)

# Grant permissions for System Group according to Permission mask.
UU::OS::Permission.grant('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:${system}:COMPETENT_FOR_ART_IFC', :mask_uri => "ues:TERRITORY:ARTIFACT:MASK")

=> nil

Parameters:

Options Hash (permission):

  • :authority_uri (String, UU::OS::UESURI)

    UESURI of the authority for which permissions will be granted. Must not be nil.

  • :data (String, File, UU::OS::REST::BinaryValue)

    Information about permission settings in JSON format. The permission is specified by the use case and the level.

  • :mask_uri (String, UU::OS::UESURI)

    UESURI of the Permission mask according that the permission will be set. Option :data has higher priority than this one.



51
52
53
54
55
56
57
58
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 51

def grant(entity_uri, permission)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  payload = UU::OS::Permission::PermissionGrant.new(permission).to_json

  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('grant', entity_uri, payload)
  end
end

- (Object) revoke(entity_uri, permission)

Revokes permissions on an object (only Artifact in current version) for given Use Cases. It is possible to revoke permissions on objects for any allowed authority (Role, Group or System Group).
To list all allowed system groups use uuCommand #get_system_group_list.

Examples:

# Revoke permissions on all Use Cases (e.g. Permission mask) for System Group.
UU::OS::Permission.revoke('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:${system}:COMPETENT_FOR_ART_IFC', :all => true)

# Revoke permissions on all Use Cases (e.g. Permission mask) for Group or Role.
UU::OS::Permission.revoke('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:TERRITORY:ROLE', :all => true)

# Revoke permissions on specified Use Cases for Group or Role.
revoke_data = '[{"useCaseCode":"AU_103129"},{"useCaseCode":"AU_103300"}]'
UU::OS::Permission.revoke('ues:TERRITORY:ARTIFACT', :authority_uri => 'ues:TERRITORY:ROLE', :data => revoke_data)

=> nil

Parameters:

Options Hash (permission):

  • :authority_uri (String, UU::OS::UESURI)

    UESURI of the authority for which the permissions will be revoked. Must not be nil.

  • :data (String, File, UU::OS::REST::BinaryValue)

    List of Use Cases (in JSON format) for which the permission will be revoked.

  • :all (Boolean)

    When true is set, permissions will be revoked for all Use Cases (e.g. whole Permission Mask). Default value is false. Option :data has higher priority than this one.



81
82
83
84
85
86
87
88
 
# File 'uu_os_client-0.10.6/lib/uu/os/permission.rb', line 81

def revoke(entity_uri, permission)
  svc = UU::OS::REST::RemoteClient.new(Permission)
  payload = UU::OS::Permission::PermissionRevoke.new(permission).to_json        

  UU::OS::QoS::QoSHandler.auto_retry do
    svc.post('revoke', entity_uri, payload)
  end
end