Editing the configuration of a role

You can edit an existing custom role.

Method and URI

To edit the configuration of a role, use a PUT method with a URI:

PUT     https://{hostname|IPv4}/api/security/role/{roleId}

Tip

To get a {roleId} value based on the role name, follow the instructions in Getting a {roleId}.

Parameters

None.

Data

For information about the available data key-value pairs, see Creating a role.

The update request will overwrite key-value pairs in data. Add the permission items that you want to keep in the permissionIds list. Any permission item that is not present in the list will be unselected and revoked.

Example: Edit the configuration of a role

Assume that you have a role with View permissions for all permission groups. The {roleid} is 1010. You want to modify the following values for this role:

  • Rename it VisitorMod

  • Keep the View permission for all permission groups

  • Add the Run permission to Job

    • In the permissionIds list, this permission item is represented by policy.run.

A Python snippet that is similar to the following example can be used to update the role:

role_id = "1010"

_data = f'''{{
    "name":          "VisitorMod",
    "description":   "",
    "permissionIds": [
        "application.view",
        "appserver.view",
        ...,
        "policy.view",
        "policy.run",
        ...
    ]
}}'''

requests.put('https://' + spp_ipv4 + '/api/security/role/' + role_id,
    headers={...}, data=_data, verify=...)
_images/reference_accounts_role_edit02.png

Figure 92 The same action can be taken in the IBM Spectrum Protect Plus web user interface: In the navigation pane, click Accounts > Role, click the custom role that you want to edit, click the ellipsis (···) > Modify role. Specify options for a role.

After you run the Python snippet, ensure that you get a response with the HTTP status of 200 (OK) and that the role settings are updated. The response body is similar to the JSON object for Visitor, as shown in Example 2: Get information about a specific role.