Remove a User from a Batch of Groups
Removes a user from a batch of groups listed in an ANSI or UTF-8 encoded CSV file maintained in Access Control. You can use the Upload REST API to upload the file to the environment. The file format is as follows:
Group Name
GroupA
GroupB
A user is removed from groups only if these conditions are met:
- The user must exist in the identity domain that services the environment
- The user must be assigned to a pre-defined role in the identity domain
- The groups provided must exist in Access Control and must not be pre-defined groups
Additionally, the user running this API must be authorized to perform this action. This API should be run only by a service administrator in the environment where a user is to be removed from the groups. With this API, you can see which records failed and the reason why they failed in addition to how many records passed and failed.
The presence of status -1 in the response indicates that the removal in progress. Use the job status URI to determine whether the removal is complete. Any non-zero status except -1 indicates failure.
This API is version v1.
Required Roles
Service Administrator or Access Control – Manage
REST Resource
PUT /interop/rest/security/<api_version>/groups
Note:
Before using the REST resources, you must understand how to access the REST resources and other important concepts. See Implementation Best Practices for EPM Cloud REST APIs. Using this REST API requires prerequisites. See Prerequisites.
Table 12-44 Tasks for Remove a User from a Batch of Groups
Task | Request | REST Resource |
---|---|---|
Remove a user from groups | PUT | /interop/rest/security/<api_version>/groups |
Remove a user from groups status | GET | /interop/rest/security/<api_version>/jobs/<jobId> |
Request
Supported Media Types: application/x-www-form-urlencoded
The following table summarizes the request parameters.
Table 12-45 Parameters
Name | Description | Type | Required | Default |
---|---|---|---|---|
api_version |
Specific API version | Path | Yes | None |
jobtype |
The string should have the value REMOVE_USER_FROM_GROUPS . This value denotes that the user is being removed from the groups.
|
Form | Yes | None |
filename |
The name of the uploaded ANSI or UTF-8 encoded CSV file containing information on the groups from which the user is to be removed, for example, The file must have been uploaded already using the Upload REST API. File format:
|
Form | Yes | None |
username |
The name of the user to remove from the provided list of groups. This user must already exist. | Form | Yes | None |
Response
Supported Media Types: application/json
Table 12-46 Parameters
Name | Description |
---|---|
details |
In the case of errors, details are published with the error string |
status |
See Migration Status Codes |
links |
Detailed information about the link |
href |
Links to API call or status API |
action |
The HTTP call type |
rel |
Possible values: self or Job Status . If the value is set to Job Status , you can use the href to get the status
|
data |
Parameters as key value pairs passed in the request |
items |
Details about the resource |
links |
Details of the first URL to be requested to get the job details; rel is "Job Details" |
Examples of Response Body
The following examples show the contents of the response body in JSON format:
Example 1: Job is in Progress
{
"links": [
{
"href": https://<BASE-URL>/interop/rest/security/<api_version>/groups,
"rel": "self",
"data": {
"jobType": "REMOVE_USER_FROM_GROUPS",
"filename": "<filename>",
"username": "<username>"
},
"action": "PUT"
},
{
"href": https://<EPM-CLOUD-BASE-URL>/interop/rest/security/<api_version>/jobs/<jobId>,
"rel": "Job Status",
"data": null,
"action": "GET"
}
],
"details": null,
"status": -1,
"items": null
}
Example 2: Job Completes with Errors
{
"links": [
{
"rel": "self",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/jobs/<jobId>",
"data": null,
"action": "GET"
}
],
"details": "Failed to remove user from groups. File <filename> is not found. Specify a valid file name.",
"status": 1,
"items": null
}
Example 3: Job Completes without Errors
{
"links": [
{
"rel": "self",
"href": "https://<BASE-URL>/interop/rest/security/<api_version>/jobs/<jobId>",
"data": null,
"action": "GET"
}
],
"details": "Processed - 3, Succeeded - 1, Failed - 2.",
"status": 0,
"items": [
{
"GroupName":"<GROUPNAME>","Error_Details": "Group <GROUPNAME> is not found. Verify that the group exists."
},
{ "GroupName":"<GROUPNAME>","Error_Details": "Group <GROUPNAME> is not found. Verify that the group exists."
}
]
}
Java Sample Code
Prerequisites: json.jar
Common Functions: See CSS Common Helper Functions for Java
public void removeUserFromGroups(String fileName, String userName) {
try {
String url = this.serverUrl + "/interop/rest/security/" + apiVersion + "/groups";
Map<String, String> reqHeaders = new HashMap<String, String>();
reqHeaders.put("Authorization", "Basic " + DatatypeConverter
.printBase64Binary((this.userName + ":" + this.password).getBytes(Charset.defaultCharset())));
Map<String, String> reqParams = new HashMap<String, String>();
reqParams.put("filename", fileName);
reqParams.put("jobtype", "REMOVE_USER_FROM_GROUPS");
reqParams.put("username", userName);
Map<String, String> restResult = CSSRESTHelper.callRestApi(new HashMap(), url, reqHeaders, reqParams,
"PUT");
String jobStatus = CSSRESTHelper.getCSSRESTJobCompletionStatus(restResult, reqHeaders);
System.out.println(jobStatus);
} catch (Exception e) {
e.printStackTrace();
}
}
Shell Script Sample Code
Prerequisites: jq (http://stedolan.github.io/jq/download/linux64/jq)
Common Functions: See CSS Common Helper Functions for cURL.
funcRemoveUserFromGroups() {
url="$SERVER_URL/interop/rest/security/$API_VERSION/groups"
params="filename=$1&jobtype=REMOVE_USER_FROM_GROUPS&username=$2"
header="Content-Type: application/x-www-form-urlencoded"
cssRESTAPI="RemoveUserFromGroups"
statusMessage=$(funcCSSRESTHelper "PUT" "$url" "$header" "$USERNAME" "$PASSWORD" "$params" "$cssRESTAPI")
echo $statusMessage
}
Groovy Sample Code
Common Functions: See CSS Common Helper Functions for Groovy
def removeUserFromGroups(fileName, userName) {
String scenario = "Removing users in " + fileName + " from group " + userName;
String params = "jobtype=REMOVE_USER_FROM_GROUPS&filename="+ fileName +"&username="+ userName;
def url = null;
def response = null;
try {
url = new URL(serverUrl + "/interop/rest/security/" + apiVersion + "/groups");
} catch (MalformedURLException e) {
println "Please enter a valid URL"
System.exit(0);
}
response = executeRequest(url, "PUT", params, "application/x-www-form-urlencoded");
if (response != null) {
getJobStatus(getUrlFromResponse(scenario, response, "Job Status"), "GET");
}
}