kornwaretm 0 Posted November 16, 2017 Share Posted November 16, 2017 i try to set add access type for Groups & Computers in my permission set. via serverAPI. here is the json : { "Era.Common.NetworkMessage.ConsoleApi.Security.RpcCreateCompetenceRequest" : { "staticObjectData": { "name":"permission_set", "description":"permission_set" }, "accessRights" : [{"accessType":1, "resourceUuid":{"uuid":"00000000-0000-0000-7004-000000000000"}] } to create access rights "read", "write", or "read use" using 1, 2,and 5 values respectively. i though they were binary "001", "010", "101", which match perfectly with the terms "read", "write", and "read use". so i can use "111" for functionality "read write use". "111" is 7 if i use this value in the json, the API return error { "Era.ServerApi.SimpleResponse": { "result": false, "error": "Can not parse protobuf from message. Json message is: {\"staticObjectData\":{\"name\":\"test\", \"description\":\"test permission set\"},\"accessRights\":[{\"accessType\":7, \"resourceUuid\":{\"uuid\":\"00000000-0000-0000-7004-000000000000\"}}]} ." } } 3 ("011") and 4 ("100") also not working, return success but no permission granted. The accessRight property is not a binary representation of the 3 column ("read", "write", "use"), so how to set an access right to "read write use" ? Link to comment Share on other sites More sharing options...
kornwaretm 0 Posted November 16, 2017 Author Share Posted November 16, 2017 ok found the solution, accessType = 2 (WRITE) sets all "read" "write" and "use" to 1. i thought I've check this one. Link to comment Share on other sites More sharing options...
ESET Staff MartinK 378 Posted November 20, 2017 ESET Staff Share Posted November 20, 2017 Just for future reference, accessType of enum type (not bitwise flags), where values are for ERA 6.5 documented here. Field accessRights is simple list of <accessType, access group> pairs. If you intend to add multiple accessTypes to the same object/operation, you have to add them both to the list accessRights. So in your example it should be (not tested): "accessRights" : [ { "accessType":1, "resourceUuid":{"uuid":"00000000-0000-0000-7004-000000000000" }, { "accessType":2, "resourceUuid":{"uuid":"00000000-0000-0000-7004-000000000000" } ] Link to comment Share on other sites More sharing options...
Recommended Posts