[Archivesspace_Users_Group] Also: setting groups/permissions thru backend API [was: new user defaults?]

Steven Majewski sdm7g at virginia.edu
Tue Aug 11 18:23:20 EDT 2015


I’ve packaged this up as a batch script:

https://gist.github.com/sdm7g/93b9e072cffd398484ca <https://gist.github.com/sdm7g/93b9e072cffd398484ca>

Requires curl and jq . (It should probably check for that.)
Edit to change HOST and admin user and password. 
( It’s using localhost:8089 and admin/admin as defaults for testing. ) 

You give it a repository id#, a group-code, and a list of usernames. 

If you just give it a repo-id, it displays the group-codes for that repo. 

./adduserstogroup.sh  $REPOID repository-viewers userid1 userid2 userid3 … 

will add users in the list to repository-viewers group of $REPOID . 

So if you’ve got one or two dozen users and several repos it makes it easier to manage groups. 

( It probably would have been simpler to do in Ruby or Python, but since I started
  testing with curl and jq, that seemed the path of least resistance at the time. )

I’ld still like to see a better management interface in the frontend webapp.  


— Steve Majewski



> On Aug 10, 2015, at 4:31 PM, Steven Majewski <sdm7g at virginia.edu> wrote:
> 
> 
> OK: I found a formula that seems to work. 
> 
> I also found that the clue as to why modifying permissions in the POST /users API method didn’t work is in the schema docs (if you click ‘view source’), where the permissions attribute of user is marked:  “readonly”: true .
> 
> However, passing the groups URI as a parameter string also didn’t work.
> 
> And it still seems rather misleading that those API calls returned a status of “Updated” with “warnings”:[]. A warning would seem appropriate here (if possible).
> 
> 
> Also, I’ld still like to know if there is a way to set default permissions for new users. 
> 
> 
> The working method:
> 
> If $UU = a list of usernames already created in AS: [ “user1”, “user2”, “user3” … ] 
> and /repositories/5/group/28 = "group_code": "repository-viewers", "description": "Viewers of the workspace repository” … 
> 
> This retrieves JSON for that group and adds the list of usernames to the JSON:
> 
> GG=$(curl_as_osx admin pwd http://localhost:8089/repositories/5/groups/28 <http://localhost:8089/repositories/5/groups/28> | jq " .member_usernames = $UU")
> 
> And posts the modified JSON to the backend:
> 
> curl_as_osx -d "$GG" admin pwd http://localhost:8089/repositories/5/groups/28 <http://localhost:8089/repositories/5/groups/28> 
> 
> 
> Now retrieving the group JSON from the backend shows the updated users, and going to the “Manage User Access”  page for that repository now shows that group checked for each the users. 
> 
> 
> — Steve Majewski
> 
> 
> 
>> On Aug 5, 2015, at 8:38 PM, Steven Majewski <sdm7g at virginia.edu <mailto:sdm7g at virginia.edu>> wrote:
>> 
>> 
>> I would like to use the backend API to set user permissions to avoid a couple hundred mouse clicks on the admin web forms. ( Adding users to a group seems to require you add them one at a time. It would be nicer if you could paste a list of user ids into that field and click Add just once. Or maybe put everything in a checkbox matrix so you can set several user/repo/groups/permissions at once. ) 
>> 
>> I’ve tried doing a "GET /users/$ID” , pulling the permissions out of one user as a template and merging those permissions into another users json with jq, and posting again to "POST /users/$ID” . 
>> 
>> The return value from that makes it appear to have updated:
>> {"status":"Updated","id":13,"lock_version":3,"stale":null,"uri":"/users/13","warnings":[]}
>> 
>> 
>> But doing another GET shows nothing changed. 
>> 
>> 
>> I’ve also tried appending ?groups%5B%5D=/repositories/3/groups/15  to the URL 
>> ( which should be "repository-basic-data-entry” group for that repo ) which also returns what
>> looks like an updated status, but again, it appears unchanged. 
>> 
>> In both cases, *something* got updated, if only the modification date, because if I do the same operation a second time using the same JSON, it rejects the 2nd attempt with:
>> 
>> {"error":"The record you tried to update has been modified since you fetched it."}
>> 
>> 
>> I haven’t yet tried posting to /repositories/$REPO/groups yet. Is that the one that works ?
>> 
>> 
>> Can anyone suggest a working API formula ? 
>> 
>> 
>> — Steve. 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150811/41dd43cb/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4943 bytes
Desc: not available
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20150811/41dd43cb/attachment.bin>


More information about the Archivesspace_Users_Group mailing list