09-18-2024 12:18 PM
Hi,
Currently trying to add id of a repository to the field of CodeRepositoryIds on role definition. Basically, I am using:
----
import requests
import json
url = "https://api.prismacloud.io/user/role/:id"
payload = json.dumps({
"accountGroupIds": [
"string"
],
"additionalAttributes": {
"hasDefenderPermissions": True,
"onlyAllowCIAccess": True,
"onlyAllowComputeAccess": True
},
"codeRepositoryIds": [
"string"
],
"description": "string",
"name": "string",
"resourceListIds": [
"string"
],
"restrictDismissalAccess": True,
"roleType": "string"
})
headers = {
'Content-Type': 'application/json',
'x-redlock-auth': '<API_KEY_VALUE>'
}
response = requests.request("PUT", url, headers=headers, data=payload)
print(response.text)
------
and as a result, I am having 200 from API but, i am only able to update lastModifiedBy and lastModifiedTs. I am using System Admin as role and still not able to do anything. Is there anything I am doing wrong?
INFO:__main__:Response status code: 200
INFO:__main__:Response content:
INFO:__main__:Add repository to role response: {}
INFO:__main__:Updated role details: {'id': '.....', 'name': '......', 'description': 'Admin role for Accenture', 'lastModifiedBy': '....', 'lastModifiedTs': 1726686863157, 'accountGroupIds': [], 'resourceListIds': [], 'codeRepositoryIds': [], 'associatedUsers': ['....'], 'restrictDismissalAccess': False, 'permissionGroup': None, 'additionalAttributes': {'onlyAllowCIAccess': False, 'onlyAllowComputeAccess': False, 'hasDefenderPermissions': True, 'onlyAllowReadAccess': False}, 'accountGroups': [], 'resourceLists': [], 'codeRepositories': [], 'roleType': 'System Admin'}
WARNING:__main__:Repository ........ not found in role ......... after update
INFO:__main__:Current codeRepositoryIds: []
INFO:__main__:Difference found in key 'lastModifiedTs':
INFO:__main__:Before: 1726686481540
INFO:__main__:After: 1726686863157
Br,
Sercan
10-16-2024 12:11 PM - edited 10-16-2024 12:20 PM
Did you specify the code repository name or code repository ID in the payload? You need the list of code Repository IDs you want to add to the role.
Did you include the roleID at the end of the URL ?
you also need to make sure that required attributes are specified which are "Name" and "roletype"
https://pan.dev/prisma-cloud/api/cspm/update-user-role/
roletype=Permission group name in prisma cloud
Use this API below to get a list of your repository IDs.
https://pan.dev/prisma-cloud/api/code/get-repositories/
To get the list of roleIDs,
https://pan.dev/prisma-cloud/api/cspm/get-user-roles/
To get list of Account Group IDs ,
https://pan.dev/prisma-cloud/api/cspm/get-account-groups/
Example payload.
Let me know if you have further questions.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
