...
Anyways, these could be handled in one operation, basically if the input is blank, then all will be returned (e.g. dont sent any actions to query to get all).
Input:
Code Block |
---|
<permissionQuery><permissionRequest> <applicationLookup> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>paidTimeOff</name> </applicationLookup> <subjectLookups> <subjectLookup> <id>12345</id> <source>pennperson</source> <identifier>jsmith</identifier> </subjectLookup> </subjectLookups> <actions> <action>read</action> </actions> <active>T|F|A</action> <roleLookups> <roleLookup> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>users</name> </roleLookup> </roleLookups> <permissionLookups> <permissionLookup> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>org1</name> </permissionLookup> </permissionLookups> <attributes> <attribute> <name>ipAddress</name> <values> <value>1.2.3.4</value> </values> </attribute> </attributes> </permissionQuery>permissionRequest> |
Output:
Code Block |
---|
<permissionResponse> <subjects> <subject> <id>12345</id> <source>pennperson</source> <name>John Smith</name> <description>John Smith (12345, jsmith) Staff, Director of Human Resources</description> <attributes> <attribute> <name>pennkey</name> <values> <value>jsmith</value> </values> </attribute> </attributes> </subject> </subjects> <application> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>paidTimeOff</name> <displayName>Paid Time Off</displayName> </application> <permissionAssignments> <permissionAssignment> <permission> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>org1</name> <displayName>Org 1</displayName> </permission> <action>read</action> <role> <namespace> <folder>penn</folder> <folder>apps</folder> <folder>someApp</folder> </namespace> <name>users</name> <displayName>Users</name> </role> <subjectAbbrev> <id>12345</id> <source>pennperson</source> </subjectAbbrev> <active>T|F</active> <attributes> <attribute> <name>ipAddress</name> <values> <value>1.2.3.4</value> </values> </attribute> </attributes> </permissionAssignment> </permissionAssignments> </permissionResponse> |
...