This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Not able to add new repository id with "Update User Role"

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Not able to add new repository id with "Update User Role"

srcnblgc
L0 Member

‎09-18-2024 12:18 PM

Hi,

Currently trying to add id of a repository to the field of  CodeRepositoryIds on role definition. Basically, I am using:

----

import requests
import json

url = "https://api.prismacloud.io/user/role/:id"

payload = json.dumps({
"accountGroupIds": [
"string"
],
"additionalAttributes": {
"hasDefenderPermissions": True,
"onlyAllowCIAccess": True,
"onlyAllowComputeAccess": True
},
"codeRepositoryIds": [
"string"
],
"description": "string",
"name": "string",
"resourceListIds": [
"string"
],
"restrictDismissalAccess": True,
"roleType": "string"
})
headers = {
'Content-Type': 'application/json',
'x-redlock-auth': '<API_KEY_VALUE>'
}

response = requests.request("PUT", url, headers=headers, data=payload)

print(response.text)

------

 

and as a result, I am having 200 from API but, i am only able to update lastModifiedBy and lastModifiedTs. I am using System Admin as role and still not able to do anything. Is there anything I am doing wrong?

 


INFO:__main__:Response status code: 200
INFO:__main__:Response content:
INFO:__main__:Add repository to role response: {}
INFO:__main__:Updated role details: {'id': '.....', 'name': '......', 'description': 'Admin role for Accenture', 'lastModifiedBy': '....', 'lastModifiedTs': 1726686863157, 'accountGroupIds': [], 'resourceListIds': [], 'codeRepositoryIds': [], 'associatedUsers': ['....'], 'restrictDismissalAccess': False, 'permissionGroup': None, 'additionalAttributes': {'onlyAllowCIAccess': False, 'onlyAllowComputeAccess': False, 'hasDefenderPermissions': True, 'onlyAllowReadAccess': False}, 'accountGroups': [], 'resourceLists': [], 'codeRepositories': [], 'roleType': 'System Admin'}
WARNING:__main__:Repository ........ not found in role ......... after update
INFO:__main__:Current codeRepositoryIds: []
INFO:__main__:Difference found in key 'lastModifiedTs':
INFO:__main__:Before: 1726686481540
INFO:__main__:After: 1726686863157

Br,

Sercan

0 Likes Likes
1 REPLY 1

OOmotayo
L2 Linker

‎10-16-2024 12:11 PM - edited ‎10-16-2024 12:20 PM

@srcnblgc 

 

Did you specify the code repository name or code repository ID in the payload?  You need the list of code Repository IDs you want to add to the role.

Did you include the roleID at the end of the URL ?

 

you also need to make sure that required attributes are specified which are  "Name" and "roletype"

https://pan.dev/prisma-cloud/api/cspm/update-user-role/

 

roletype=Permission group name in prisma cloud

Use this API below to get a list of your repository IDs.

https://pan.dev/prisma-cloud/api/code/get-repositories/

 

To get the list of roleIDs,

 

https://pan.dev/prisma-cloud/api/cspm/get-user-roles/

 

To get list of Account Group IDs ,

https://pan.dev/prisma-cloud/api/cspm/get-account-groups/

 

Example payload.

{"additionalAttributes":{"hasDefenderPermissions":false},"accountGroupIds":["<Account-group-ID-A>","<Account-group-ID-B>",........
],"description":"test","name":"test-role","resourceListIds":[],"codeRepositoryIds":["<Code-Repo-ID-A>","Code-Repo-ID-B",.........................],"restrictDismissalAccess":false,"roleType":"<Permission-group-name>"}

 

Let me know if you have further questions.

0 Likes Likes
  • 506 Views
  • 1 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks