Class: PEClient::Resource::RBACV1::Groups

Inherits:
Base
  • Object
show all
Defined in:
lib/pe_client/resources/rbac.v1/groups.rb

Overview

User groups allow you to quickly assign one or more roles to a set of users by placing all relevant users in the group. This is more efficient than assigning roles to each user individually. Use the groups endpoints to get lists of groups and add, delete, and change groups.

See Also:

Constant Summary collapse

BASE_PATH =

The base path for RBAC API v1 Groups endpoints.

"#{RBACV1::BASE_PATH}/groups".freeze
COMMAND_BASE_PATH =

The base path for RBAC API v1 Groups command endpoints.

"#{RBACV1::BASE_PATH}/command/groups".freeze

Instance Method Summary collapse

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from PEClient::Resource::Base

Instance Method Details

#create(login:, role_ids:, identity_provider_id:, display_name: nil) ⇒ Hash

Create a remote directory user group.

Parameters:

  • login (String)

    Defines the group for an external IdP, such as an LDAP login or a SAML identifier for the group.

  • role_ids (Array<String>)

    An array of IDs defining the roles that you want to assign to users in this group. Roles grant permissions to group members.

  • identity_provider_id (String)

    Specify the UUID of an identity provider to bind to the group.

  • display_name (String) (defaults to: nil)

    Specify a name for the group that is visible in the PE console. If this group originates from an LDAP group, this value is determined by the group’s Display name setting in LDAP.

Returns:

  • (Hash) 


55
56
57
 
# File 'lib/pe_client/resources/rbac.v1/groups.rb', line 55

def create(login:, role_ids:, identity_provider_id:, display_name: nil)
  @client.post COMMAND_BASE_PATH, body: {login:, role_ids:, identity_provider_id:, display_name:}.compact
end

#create_deprecated(login, role_ids) ⇒ Hash

Deprecated.

Use #create instead.

Creates a new remote directory user group.

Parameters:

  • login (String)

    Defines the group for an external IdP. This could be an LDAP login or a SAML identifier for the group.

  • role_ids (Array<String>)

    An array of role IDs defining the roles that you want to assign to users in this group. An empty array might be valid, but users can’t do anything in PE if they are not assigned to any roles.

Returns:

  • (Hash) 


90
91
92
93
 
# File 'lib/pe_client/resources/rbac.v1/groups.rb', line 90

def create_deprecated(, role_ids)
  PEClient.deprecated "create_deprecated", "create"
  @client.post COMMAND_BASE_PATH, body: {login:, role_ids:}
end

#delete(sid) ⇒ Hash

Deletes the user group with the specified ID from PE RBAC. This endpoint does not change the directory service.

Parameters:

  • sid (String)

    The Subject ID of the group to delete.

Returns:

  • (Hash)

    If successful, returns an empty JSON object.



77
78
79
 
# File 'lib/pe_client/resources/rbac.v1/groups.rb', line 77

def delete(sid)
  @client.delete "#{BASE_PATH}/#{sid}"
end

#edit(sid, attributes) ⇒ Hash

Edit the content of the specified user group object. For example, you can update the group’s roles or membership.

Parameters:

  • sid (String)

    The Subject ID of the group to update.

  • attributes (Hash)

    A hash of attributes to update for the group.

Returns:

  • (Hash)

See Also:



67
68
69
 
# File 'lib/pe_client/resources/rbac.v1/groups.rb', line 67

def edit(sid, attributes)
  @client.put "#{BASE_PATH}/#{sid}", body: attributes
end

#get(sid = nil) ⇒ Hash

Fetch information about all user groups. if a SID is provided, fetch information about that specific group.

Parameters:

  • sid (String) (defaults to: nil)

    The Subject ID of the group. If nil, retrieves all groups.

Returns:

  • (Hash) 


40
41
42
43
 
# File 'lib/pe_client/resources/rbac.v1/groups.rb', line 40

def get(sid = nil)
  path = sid ? "#{BASE_PATH}/#{sid}" : BASE_PATH
  @client.get path
end