[Archivesspace_Users_Group] Also: setting groups/permissions thru backend API [was: new user defaults?]

Mon Aug 10 16:31:29 EDT 2015

OK: I found a formula that seems to work. 

I also found that the clue as to why modifying permissions in the POST /users API method didn’t work is in the schema docs (if you click ‘view source’), where the permissions attribute of user is marked:  “readonly”: true .

However, passing the groups URI as a parameter string also didn’t work.

And it still seems rather misleading that those API calls returned a status of “Updated” with “warnings”:[]. A warning would seem appropriate here (if possible).

Also, I’ld still like to know if there is a way to set default permissions for new users. 

The working method:

If $UU = a list of usernames already created in AS: [ “user1”, “user2”, “user3” … ] 
and /repositories/5/group/28 = "group_code": "repository-viewers", "description": "Viewers of the workspace repository” … 

This retrieves JSON for that group and adds the list of usernames to the JSON:

GG=$(curl_as_osx admin pwd http://localhost:8089/repositories/5/groups/28 | jq " .member_usernames = $UU")

And posts the modified JSON to the backend:

curl_as_osx -d "$GG" admin pwd http://localhost:8089/repositories/5/groups/28 

Now retrieving the group JSON from the backend shows the updated users, and going to the “Manage User Access”  page for that repository now shows that group checked for each the users. 

— Steve Majewski

> On Aug 5, 2015, at 8:38 PM, Steven Majewski <sdm7g at virginia.edu> wrote:
> 
> 
> I would like to use the backend API to set user permissions to avoid a couple hundred mouse clicks on the admin web forms. ( Adding users to a group seems to require you add them one at a time. It would be nicer if you could paste a list of user ids into that field and click Add just once. Or maybe put everything in a checkbox matrix so you can set several user/repo/groups/permissions at once. ) 
> 
> I’ve tried doing a "GET /users/$ID” , pulling the permissions out of one user as a template and merging those permissions into another users json with jq, and posting again to "POST /users/$ID” . 
> 
> The return value from that makes it appear to have updated:
> {"status":"Updated","id":13,"lock_version":3,"stale":null,"uri":"/users/13","warnings":[]}
> 
> 
> But doing another GET shows nothing changed. 
> 
> 
> I’ve also tried appending ?groups%5B%5D=/repositories/3/groups/15  to the URL 
> ( which should be "repository-basic-data-entry” group for that repo ) which also returns what
> looks like an updated status, but again, it appears unchanged. 
> 
> In both cases, *something* got updated, if only the modification date, because if I do the same operation a second time using the same JSON, it rejects the 2nd attempt with:
> 
> {"error":"The record you tried to update has been modified since you fetched it."}
> 
> 
> I haven’t yet tried posting to /repositories/$REPO/groups yet. Is that the one that works ?
> 
> 
> Can anyone suggest a working API formula ? 
> 
> 
> — Steve. 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150810/921d7ab3/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4943 bytes
Desc: not available
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150810/921d7ab3/attachment.bin>