Navigation:
Documentation
Archive



Page Tree:

Child pages
  • Group Service Contract Description - v0.9-alpha

This wiki space contains archival documentation of Project Bamboo, April 2008 - March 2013.

Skip to end of metadata
Go to start of metadata

Brief description

Definition of terms:

  • A "group" is a set of Bamboo Persons.
  • A "stem" is akin to a folder or directory in a file system; a stem is a container within which groups may be organized.
  • The "Bamboo Groups root" is the topmost stem (container / folder / directory) within which groups and stems may be created and managed via this service.

Authenticated users can create Groups containing Bamboo Persons as members, and create a hierarchy of Stems within which to organize Groups. All Stems and Groups created and managed via this service are located beneath the Bamboo Groups root.

All groups created via this service, and the memberships of all such groups, are "discoverable" (visible, readable) by any authenticated Bamboo Ecosystem user (assuming that the backing store and its configuration are as implemented during the Bamboo Technology Project, cf. Grouper Install - Configure - Populate).

Version

This page describes the Groups service API, v. 0.9.

To discover the version and other metadata about deployed service code that fulfills this API, please utilize the Service Catalog service.

Overview and Definitions

(See Definition of terms in the Brief Definition section, above.)

Authenticated users can:

  • create groups containing Bamboo Persons as members under the Bamboo Groups root;
  • create a hierarchy of stems under the Bamboo Groups root;
  • create groups containing Bamboo Persons as members under the stems created in a hierarchy beneath the Bamboo Groups root; and,
  • discover the existence and membership of groups created by other authenticated users (see note/caveat in the "Brief Description" section, above).

The Bamboo Groups hierarchy is composed of nested stems and groups under the Bamboo Groups root. All stem and group addressing is relative to this root. This hierarchy must be observed when providing a stemid or a groupid to the methods below. When the stem or group is a direct child of the root, it is sufficient to provide just the stem or group identifier. When the stem or group is a separated from the root by one or more stems, the intervening stems (separated by a ":") must be included. Examples:

  • A group directly under the root would be addressed simply by referencing the grouid itself
  • A stem directly under the root would be addressed simply by referencing the stemid itself
  • A stem under a stem that is directly under the root would be addressed by specifying the parent stem and the stemid separated by a ":", as in {stemid}:{stemid}
  • A group under a stem that is directly under the root would be addressed by specifying the stem and the groupid separated by a ":", as in {stemid}:{groupid}

These examples are fully illustrated in the ROA Layer API, below. The assumption in these examples is that the Bamboo Groups root is set as described in Grouper Install - Configure - Populate.

Recipes: Use Cases and associated RESTful methods

Create a new Stem (folder within which to organize groups) under the Bamboo Groups root

MethodCreate a Stem

Examples:

A stem ("My Stem"; description "A stem for all my groups") beneath the Bamboo Group root:

POST <url root>/bsp/groups/stems/?name=My%20Stem&description=A%20stem%20for%20all%20my%20groups HTTP/1.1

 

A stem ("My Sub Stem"; description "A stem within a stem for some of my groups") beneath My Stem (the stem just created):

POST <url root>/bsp/groups/stems/?parentstemid=d0cbc8c7-018c-4146-92bc-4b033d31934c&name=My%20Sub%20Stem&description=A%20stem%20within%20a%20stem%20for%20some%20of%20my%20groups HTTP/1.1

 

A stem ("My Sub Sub Stem"; description "A stem within a stem within a stem for just a few of my groups") beneath My Sub Stem, the second stem created above:

POST <url root>/bsp/groups/stems/?parentstemid=d0cbc8c7-018c-4146-92bc-4b033d31934c:13C22F00-83C0-4535-9EC6-6354BE01F3FA&name=My%20Sub%20Sub%20Stem&description=A%20stem%20within%20a%20stem%20within%20a%20stem%20for%20just%20a%20few%20of%20my%20groups HTTP/1.1

 

Create a new Group within a stem under the Bamboo Groups Root

Method: Create a group

Example:

A group ("My Group"; description "A group") beneath My Stem:

POST <url root>/bsp/groups/?parentstemid=d0cbc8c7-018c-4146-92bc-4b033d31934c&name=My%20Group&description=A%20Group HTTP/1.1

 

Add members to a Group

Method: Add a Bamboo person to a group

Example:

Add a person (given knowledge of her BPID) to My Group under My Stem:

PUT <url root>/bsp/groups/e8df11ae-a495-4b8a-a233-b06d86d6ddde:d67b9bfd-8033-4082-851c-7fa464f552ac/members/urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418 HTTP/1.1

 

Create a 'sub-group' (a Group that is a member of another Group)

Method: Add a group to a group

Example:

Add a group (the id after the second "/groups/" in the URL below) as a member to another group (the id after the first "/groups/" in the URL):

PUT <url root>/bsp/groups/e8df11ae-a495-4b8a-a233-b06d86d6ddde:d67b9bfd-8033-4082-851c-7fa464f552ac/groups/e8df11ae-a495-4b8a-a233-b06d86d6ddde:51e99f86-844d-4dc7-a4c6-8ae85d38d3ab HTTP/1.1

 

Delegate administrative (management) privileges for a Group

MethodAdd or remove privileges of a Bamboo Person for a Group

Example:

For a group one has created, give another Bamboo Person privileges to administer it:

PUT <url root>/bsp/groups/cbd01854-0261-49c0-96eb-c816f0c6da8c/privileges/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3/?privilegetype=ACCESS&privilegename=ADMIN&allowed=T HTTP/1.1

Additional privileges are described in the method documentation below.

 

Delegate administrative (management) privileges for a Stem

MethodAdd or remove privilege of a Bamboo Person for a Stem

Example:

Add the privilege to create groups within a stem one has created to another Bamboo person identified by BPID:

PUT <url root>/bsp/groups/stems/d0cbc8c7-018c-4146-92bc-4b033d31934c/privileges/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3/?privilegetype=NAMING&privilegename=STEM&allowed=T HTTP/1.1

Additional privileges are described in the method documentation below.

 

Delete a Group

Method: Delete a Group

Example:

Delete a group identified by group id:

DELETE <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3

 

Use Group membership to govern access to a specific resource

See API for the Protected Resource Service.

Assumptions

 

References

Known Issues

None

ROA Layer API

RESTful service methods performing Create, Read, Update, Delete, and List functions over (INSERT TEXT HERE DESCRIBING THE RESOURCE AGAINST WHICH METHODS ARE APPLIED).

Base URLs

It is assumed in this documentation that no centrally-run instances of the Bamboo Services Platform will be running after the project ends on 31 March 2013. Therefore, base URLs are assumed to be on a developer's machine, localhost. The base URL with a port number assumes that the BSP is running unsecured; the URL without a port number assumes that security is enforced and Apache Web Server is intercepting and redirecting service calls. Please see the page Identity and Access Management - Authentication and Authorization for context, as well as links to installation and configuration instructions for secured instances of BSP.

Note that ONLY services at v0.9 or greater will run properly in a secured instance of the BSP.

Currently available base URLs:

 

 

Client Responsibilities in Requests to Secured BSP Web Services

This section of the Service API documentation describes a client application's responsibilities when making requests to secured Web Services hosted on the Bamboo Services Platform (including this service).

A secured instance of the Bamboo Services Platform (BSP) implies a significant set of installation and configuration tasks for which the operator of the BSP is responsible. These are described in overview on the wiki page Identity and Access Management - Authentication and Authorization, and in detail on pages linked from that one.

(1) A client must be configured as a Trusted Application if requests are to be treated other than as Anonymous

A client application – whether a web app or a simple testing client such as Firefox Poster or curl – may make requests anonymously or as a "Trusted Application." Only a Trusted Application may assert the identity of a user on behalf of whom the request is made, and scoped roles to be assigned to that user; Bamboo Services trust such clients to assert the identity and assigned-roles only of users who have authenticated in the current session of application activity. (A special-case type of client application, termed Innovation Licensed applications, are trusted to assert the identity of and roles assigned to a fixed set of special-case users without those users having to authenticate in the current session.)

Configuration of client applications are described in detail in this wiki page: Configure Apache Web Server for Client Auth. It is assumed in #2, below, that this configuration has been performed.

(2) A Trusted client is expected to pass HTTP Request Headers to identify itself and an authenticated user

A client application that is Trusted in the security context of the Bamboo Trust Federation (cf. Identity and Access Management - Authentication and Authorization) must augment each request to a service hosted by a secured instance of the Bamboo Services Platform (BSP) with a set of HTTP headers, as follows:

  • X-Bamboo-AppID: A UUID that identifies the client research environment, application, tool, or service; this UUID is issued as part of the process of registering a trusted client in the Bamboo Trust Federation as described in overview on the page Identity and Access Management - Authentication and Authorization; and in detail with respect to physical establishment of trust on the page Configure Apache Web Server for Client Auth. The value of this header is linked to the X.509 certificate by which the application establishes an SSL connection to the BSP host in the registration process, and a match between this Application ID and the linked X.509 certificate is checked by the BSP on receipt of every request.

  • X-Bamboo-BPID: A UUID that identifies the logged-in user on whose behalf the request is being sent; this value, a Bamboo Person Identifier, or BPId, is obtained via a call to the Person Service that occurs in time between user login and any other service request. See the Read a BambooPersonId method of the Person Service API for details. []
  • X-Bamboo-Roles: A pipe-delimited (|) set of scoped roles asserted by the trusted client to belong to the logged-in user, of the form role@domain, which are to be evaluated as factors in the determination of whether the request satisfies policies (access restrictions) that apply to the requested resource. If a user is authenticated, the client is expected to include the role undefined@domain where domain identifies the organization that authenticated the user (example: undefined@google.com is a client app's assertion that the user authenticated to Google). This header is otherwise optional (depending on policies governing the requested resource that may require one or more scoped roles for access to be permitted). Example of multiple roles asserted in this header: roleA@domainOne.xxx|roleB@domainTwo []

[] The value of X-Bamboo-BPID is set to the identifier for the application itself (X-Bamboo-AppID) when a client application calls the Person Service to create a new Bamboo Person Identifier; or to retrieve the BPId for a user based on the identifier of the IdP with which she has logged in and an SHA-256 hash of that IdP's user identifier for the logged-in person.

[] Policies and policy evaluation are described on the page Authorization and Policy. Also see Conventions for representing Identity Providers in the Bamboo Trust Federation.

 

Schema

  • None

Stem

Create a Stem

An authenticated user can create a new stem under the Bamboo Groups stem. They can also create a stem under an existing stem as long as:

  • The stem in question is a descendant of the Bamboo Groups stem
  • The user has the necessary privileges to create a stem under said stem

The user can provide an optional name and description for the new stem; if they are not provided, they will be generated. If generated, the user can perform an Update Stem to change these values.

Calling Method and Arguments

Invoked as an HTTP POST method. Send an HTTPS request of the form:

POST <url root>/bsp/groups/stems/?parentstemid={value}&name={value}&description={value} HTTP/1.1

Parameters:.

Parameter

Meaning

parentstemid

Identifier of the parent stem

descriptionA description for the new stem
nameA name for the new stem


Example:

POST <url root>/bsp/groups/stems

Response

On success, a response with a "201 Created" HTTP status code will be returned.

Parameter

Meaning

HTTP Header Location

A URL of the form "/bsp/groups/stems/stemId" where "stemid" is the stem identifier

Example Location Header:

<url root>/bsp/groups/stems/d0cbc8c7-018c-4146-92bc-4b033d31934c

Example HTTP Body:

<WsStemSaveResults>
    <results>
        <WsStemSaveResult>
            <wsStem>
                <extension>d0cbc8c7-018c-4146-92bc-4b033d31934c</extension>
                <displayExtension>d0cbc8c7-018c-4146-92bc-4b033d31934c</displayExtension>
                <description>Stem created by
                    urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</description>
                <displayName>bamboo:groups:d0cbc8c7-018c-4146-92bc-4b033d31934c</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c</name>
                <uuid>b9988b0162234941a8fb181cccef86f9</uuid>
            </wsStem>
            <resultMetadata>
                <resultCode>SUCCESS_INSERTED</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsStemSaveResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsStemToSaves: Array size: 1: [0]:
            WsStemToSave[
            wsStemLookup=WsStemLookup[stemName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c],
            wsStem=WsSt... , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>96</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsStemSaveResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Update a Stem

An authenticated user can update an existing stem under the Bamboo Groups stem. They can also update a stem under another stem as long as:

  • The stem in question is a descendant of the Bamboo Groups stem
  • The user has the necessary privileges to create a stem under said stem

The user must provide one or both of a name or description for the stem.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/stems/{stemid}/?parentstemid={value}&name={value}&description={value} HTTP/1.1

Parameters:.

Parameter

Meaning

parentstemid

Identifier of the parent stem

descriptionA description for the stem
nameA name for the stem


Example:

PUT <url root>/bsp/groups/stems/d0cbc8c7-018c-4146-92bc-4b033d31934c/?name=A better name&description=A better description

Response

On success, a response with a "201 Created" HTTP status code will be returned.

Example HTTP Body:

<WsStemSaveResults>
    <results>
        <WsStemSaveResult>
            <wsStem>
                <extension>d0cbc8c7-018c-4146-92bc-4b033d31934c</extension>
                <displayExtension>A better name</displayExtension>
                <description>A better description</description>
                <displayName>bamboo:groups:A better name</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c</name>
                <uuid>b9988b0162234941a8fb181cccef86f9</uuid>
            </wsStem>
            <resultMetadata>
                <resultCode>SUCCESS_UPDATED</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsStemSaveResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsStemToSaves: Array size: 1: [0]:
            WsStemToSave[
            wsStemLookup=WsStemLookup[stemName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c],
            wsStem=WsSt... , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>58</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsStemSaveResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Read a Stem

An authenticated user can read a stem.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/stems/{stemid} HTTP/1.1


Example:

GET <url root>/bsp/groups/stems/e97dfad1-9b67-4a31-8cf0-db64f20f8ffe

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsFindStemsResults>
    <stemResults>
        <WsStem>
            <extension>e97dfad1-9b67-4a31-8cf0-db64f20f8ffe</extension>
            <displayExtension>e97dfad1-9b67-4a31-8cf0-db64f20f8ffe</displayExtension>
            <description>Stem created by urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</description>
            <displayName>bamboo:groups:A better
                name:e97dfad1-9b67-4a31-8cf0-db64f20f8ffe</displayName>
            <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c:e97dfad1-9b67-4a31-8cf0-db64f20f8ffe</name>
            <uuid>49b5e43854b7453ebfe0675e96413870</uuid>
        </WsStem>
    </stemResults>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsStemQueryFilter:
            WsStemQueryFilter[stemQueryFilterType=FIND_BY_STEM_NAME_APPROXIMATE,stemName=e97dfad1-9b67-4a31-8cf0-db64f20f8ffe],
            actAsSubject: WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418] ,
            params: null , wsStemLookups: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>39</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsFindStemsResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the stem does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Delete a Stem

An authenticated user with delete priviliges for the stem can delete the stem.

Calling Method and Arguments

Invoked as an HTTP DELETE method. Send an HTTPS request of the form:

DELETE <url root>/bsp/groups/stems/{stemid} HTTP/1.1

Example:

DELETE <url root>/bsp/groups/stems/d0cbc8c7-018c-4146-92bc-4b033d31934c

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsStemDeleteResults>
    <results>
        <WsStemDeleteResult>
            <wsStem>
                <extension>d0cbc8c7-018c-4146-92bc-4b033d31934c</extension>
                <displayExtension>A better name</displayExtension>
                <description>A better description</description>
                <displayName>bamboo:groups:A better name</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c</name>
                <uuid>b9988b0162234941a8fb181cccef86f9</uuid>
            </wsStem>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <resultMessage>Stem
                    &apos;458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c&apos;
                    was deleted.</resultMessage>
                <success>T</success>
            </resultMetadata>
        </WsStemDeleteResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsStemLookups: Array size: 1: [0]:
            WsStemLookup[stemName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:d0cbc8c7-018c-4146-92bc-4b033d31934c]
            , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>75</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsStemDeleteResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the stem does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Add or remove privilege of a Bamboo Person for a Stem

An authenticated user with privileges for the stem can grant or deny privileges to another a Bamboo Person for a stem.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/stems/{stemid}/privileges/{bpid}/?privilegetype="value"&privilegename="value"&allowed="value" HTTP/1.1

Parameters:.

Parameter

Meaning

privilegetype

the privilege type, always NAMING for operating on stems

privilegenamethe privilege name, e.g. CREATE
allowedT or F, depending on whether privilege is to be added or removed

Allowed values for the parameter privilegename:

  • CREATE - can create a group(s) named with a naming stem, and
  • STEM - can assign who has CREATE for the naming stem, and can create naming stems subordinate to this one. by making it a member of the SysAdmin group

Example:

PUT <url root>/bsp/groups/stems/cbd01854-0261-49c0-96eb-c816f0c6da8c/privileges/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3/?privilegetype=NAMING&privilegename=CREATE&allowed=T

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsAssignGrouperPrivilegesResults>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsSubjects: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3] , group: null,
            stem:
            WsStemLookup[stemName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c],
            privilege: NAMING-Array size: 1: [0]: create , allowed? true, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418],
            replaceAllExisting: false , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>111</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
    <wsStem>
        <extension>cbd01854-0261-49c0-96eb-c816f0c6da8c</extension>
        <displayExtension>cbd01854-0261-49c0-96eb-c816f0c6da8c</displayExtension>
        <description>A new description</description>
        <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c</name>
        <uuid>26b3ce457830493eb839f715c83c874b</uuid>
    </wsStem>
    <results>
        <WsAssignGrouperPrivilegesResult>
            <resultMetadata>
                <resultCode>SUCCESS_ALLOWED</resultCode>
                <success>T</success>
            </resultMetadata>
            <privilegeName>create</privilegeName>
            <privilegeType>naming</privilegeType>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                <name>earnest adams</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsAssignGrouperPrivilegesResult>
    </results>
</WsAssignGrouperPrivilegesResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the stem does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Group

Create a Group

An authenticated user can create a new group under the Bamboo Groups stem. They can also create a group under an existing stem as long as:

  • The stem in question is a descendant of the Bamboo Groups stem
  • The user has the necessary privileges to create a group under said stem

The user can provide an optional name and description for the new group; if they are not provided, they will be generated. If generated, the user can perform an Update Group to change these values.

Calling Method and Arguments

Invoked as an HTTP POST method. Send an HTTPS request of the form:

POST <url root>/bsp/groups/?parentstemid={value}&name={value}&description={value} HTTP/1.1

Parameters:.

Parameter

Meaning

parentstemid

Identifier of the parent stem

descriptionA description for the new group
nameA name for the new group


Example:

POST <url root>/bsp/groups

Response

On success, a response with a "201 Created" HTTP status code will be returned.

Parameter

Meaning

HTTP Header Location

A URL of the form "/bsp/groups/groupid" where "groupid" is the group identifier

Example Location Header:

<url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3

Example HTTP Body:

<WsGroupSaveResults>
    <results>
        <WsGroupSaveResult>
            <wsGroup>
                <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>2b845688-88f8-4728-980a-071353b528e3</displayExtension>
                <description>Group created by
                    urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</description>
                <displayName>bamboo:groups:2b845688-88f8-4728-980a-071353b528e3</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
                <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
            </wsGroup>
            <resultMetadata>
                <resultCode>SUCCESS_INSERTED</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsGroupSaveResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupToSaves: Array size: 1: [0]:
            WsGroupToSave[
            wsGroupLookup=WsGroupLookup[groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3],
            wsGroup... , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>143</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGroupSaveResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the stem

500

Internal Server Error

A service error prevented the resource from being returned

Update a Group

An authenticated user can update an existing group under the Bamboo Groups stem. They can also update a group under another stem as long as:

  • The stem in question is a descendant of the Bamboo Groups stem
  • The user has the necessary privileges to update a group under said stem

The user must provide one or both of a name or description for the group.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/{groupid}/?&name={value}&description={value} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

descriptionA description for the group
nameA name for the group


Example:

PUT <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3/?name=MyGroupName&description=A better description

Response

On success, a response with a "201 Created" HTTP status code will be returned.

Example HTTP Body:

<WsGroupSaveResults>
    <results>
        <WsGroupSaveResult>
            <wsGroup>
                <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>MyGroupName</displayExtension>
                <description>A better description</description>
                <displayName>bamboo:groups:MyGroupName</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
                <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
            </wsGroup>
            <resultMetadata>
                <resultCode>SUCCESS_UPDATED</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsGroupSaveResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupToSaves: Array size: 1: [0]:
            WsGroupToSave[
            wsGroupLookup=WsGroupLookup[groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3],
            wsGroup... , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>72</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGroupSaveResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group or stem

500

Internal Server Error

A service error prevented the resource from being returned

Read a Group

An authenticated user can read a group.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/{groupid} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

Example:

GET <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsFindGroupsResults>
    <groupResults>
        <WsGroup>
            <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
            <typeOfGroup>group</typeOfGroup>
            <displayExtension>MyGroupName</displayExtension>
            <description>A better description</description>
            <displayName>bamboo:groups:MyGroupName</displayName>
            <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
            <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
            <detail>
                <hasComposite>F</hasComposite>
                <typeNames/>
                <createSubjectId>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</createSubjectId>
                <createTime>2013/03/12 11:53:07.984</createTime>
                <isCompositeFactor>F</isCompositeFactor>
                <modifySubjectId>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</modifySubjectId>
                <modifyTime>2013/03/12 11:55:03.416</modifyTime>
            </detail>
        </WsGroup>
    </groupResults>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsQueryFilter:
            WsQueryFilter[queryFilterType=FIND_BY_GROUP_NAME_APPROXIMATE,groupName=2b845688-88f8-4728-980a-071353b528e3]
            , includeGroupDetail: true, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], paramNames: ,
            params: null , wsGroupLookups: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>61</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsFindGroupsResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Add a Bamboo Person to a Group

An authenticated user can add a Bamboo Person as a member to a group.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/{groupid}/members/{bpid} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

bpidIdentifier for a Bamboo Person

Example:

PUT <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3/members/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3

Response

On success, a response with a "201 CREATED" HTTP status code will be returned.

Example HTTP Body:

<WsAddMemberResults>
    <results>
        <WsAddMemberResult>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                <name>earnest adams</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsAddMemberResult>
    </results>
    <wsGroupAssigned>
        <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>MyGroupName</displayExtension>
        <description>A better description</description>
        <displayName>bamboo:groups:MyGroupName</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
        <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
    </wsGroupAssigned>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookup:
            WsGroupLookup[pitGroups=[],groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3],
            subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3] ,
            replaceAllExisting: false, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], fieldName:
            null, txType: NONE, includeGroupDetail: false, includeSubjectDetail: false,
            subjectAttributeNames: null , params: null , disabledDate: null, enabledDate:
            null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>119</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsAddMemberResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group or Bamboo Person does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Delete a Bamboo Person from a Group

An authenticated user can remove a Bamboo Person as a member from a group.

Calling Method and Arguments

Invoked as an HTTP DELETE method. Send an HTTPS request of the form:

DELETE <url root>/bsp/groups/{groupid}/members/{bpid} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

bpidIdentifier for a Bamboo Person

Example:

DELETE <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3/members/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsDeleteMemberResults>
    <results>
        <WsDeleteMemberResult>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                <name>earnest adams</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsDeleteMemberResult>
    </results>
    <wsGroup>
        <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>MyGroupName</displayExtension>
        <description>A better description</description>
        <displayName>bamboo:groups:MyGroupName</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
        <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
    </wsGroup>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookup:
            WsGroupLookup[pitGroups=[],groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3],
            subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3] , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], fieldName:
            null, txType: NONE , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>100</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsDeleteMemberResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group or Bamboo Person does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Add a Group to a Group

An authenticated user can add a group as a member to another group.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/{groupid}/groups/{groupmemberid} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

groupmemberid uuid of the group (and no hyphens) for a group

Example:

PUT <url root>/bsp/groups/44edfe53-088c-4c22-be14-cabbc61a2546/groups/73d64e2e64334d4d9f1c555c07269a13

Response

On success, a response with a "201 CREATED" HTTP status code will be returned.

Example HTTP Body:

 <WsAddMemberResults>
    <results>
        <WsAddMemberResult>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>73d64e2e64334d4d9f1c555c07269a13</id>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:0b19b547-91a6-46e1-bda1-18c7286049ee</name>
                <sourceId>g:gsa</sourceId>
            </wsSubject>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsAddMemberResult>
    </results>
    <wsGroupAssigned>
        <extension>44edfe53-088c-4c22-be14-cabbc61a2546</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>romp-1</displayExtension>
        <displayName>bamboo:groups:romp-1</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:44edfe53-088c-4c22-be14-cabbc61a2546</name>
        <uuid>121b716b7f714aa5a5c263fdc766348a</uuid>
    </wsGroupAssigned>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookup:
            WsGroupLookup[pitGroups=[],groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:44edfe53-088c-4c22-be14-cabbc61a2546],
            subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=73d64e2e64334d4d9f1c555c07269a13] , replaceAllExisting: false,
            actAsSubject: WsSubjectLookup[subjectId=urn:uuid:41c8f60f-7287-4ac2-bec1-cd9fd3b85b69],
            fieldName: null, txType: NONE, includeGroupDetail: false, includeSubjectDetail: false,
            subjectAttributeNames: null , params: null , disabledDate: null, enabledDate:
            null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>180</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsAddMemberResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Delete a Group from a Group

An authenticated user can remove a group as a member from a group.

Calling Method and Arguments

Invoked as an HTTP DELETE method. Send an HTTPS request of the form:

DELETE <url root>/bsp/groups/{groupid}/groups/{groupmemberid} HTTP/1.1

Parameters:.

Parameter

Meaning

groupid

Identifier of the group

groupmemberid uuid of the group (and no hyphens) for a group

Example:

DELETE <url root>/bsp/groups/44edfe53-088c-4c22-be14-cabbc61a2546/groups/73d64e2e64334d4d9f1c555c07269a13

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

 <WsDeleteMemberResults>
    <results>
        <WsDeleteMemberResult>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>73d64e2e64334d4d9f1c555c07269a13</id>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:0b19b547-91a6-46e1-bda1-18c7286049ee</name>
                <sourceId>g:gsa</sourceId>
            </wsSubject>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsDeleteMemberResult>
    </results>
    <wsGroup>
        <extension>44edfe53-088c-4c22-be14-cabbc61a2546</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>romp-1</displayExtension>
        <displayName>bamboo:groups:romp-1</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:44edfe53-088c-4c22-be14-cabbc61a2546</name>
        <uuid>121b716b7f714aa5a5c263fdc766348a</uuid>
    </wsGroup>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookup:
            WsGroupLookup[pitGroups=[],groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:44edfe53-088c-4c22-be14-cabbc61a2546],
            subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=73d64e2e64334d4d9f1c555c07269a13] , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:41c8f60f-7287-4ac2-bec1-cd9fd3b85b69], fieldName:
            null, txType: NONE , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>158</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsDeleteMemberResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

List a Group's Members

An authenticated user can retrieve a list of the members for a group.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/{groupid}/members HTTP/1.1


Example:

GET <url root>/bsp/groups/cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec/members

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsGetMembersResults>
    <subjectAttributeNames>
        <string>description</string>
        <string>name</string>
    </subjectAttributeNames>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookups: Array size: 1: [0]:
            WsGroupLookup[groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec]
            , memberFilter: All, includeSubjectDetail: false, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], fieldName:
            null, subjectAttributeNames: Array size: 2: [0]: description [1]: name , paramNames: ,
            params: null , sourceIds: null , pointInTimeFrom: null, pointInTimeTo:
            null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>57</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
    <results>
        <WsGetMembersResult>
            <wsGroup>
                <extension>c101f936-d16a-49ef-b86c-c60e7c1771ec</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>A groupname</displayExtension>
                <description>A group description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c:A
                    groupname</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec</name>
                <uuid>cafe50ab623d4af98b7faedf8b99563d</uuid>
            </wsGroup>
            <wsSubjects>
                <WsSubject>
                    <resultCode>SUCCESS</resultCode>
                    <success>T</success>
                    <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                    <name>earnest adams</name>
                    <sourceId>postgresSubjectSource</sourceId>
                    <attributeValues>
                        <string>Ernie Adams from the Voronoi Project</string>
                        <string>earnest adams</string>
                    </attributeValues>
                </WsSubject>
            </wsSubjects>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsGetMembersResult>
    </results>
</WsGetMembersResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group or Bamboo Person does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Determine if a Bamboo Person is a Member of  a Group

An authenticated user can determine if a group contains a Bamboo Person.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/{groupid}/members/{bpid} HTTP/1.1

Example:

GET <url root>/bsp/groups/cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec/members/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

 <WsHasMemberResults>
    <results>
        <WsHasMemberResult>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                <name>earnest adams</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
            <resultMetadata>
                <resultCode>IS_MEMBER</resultCode>
                <success>T</success>
            </resultMetadata>
        </WsHasMemberResult>
    </results>
    <wsGroup>
        <extension>c101f936-d16a-49ef-b86c-c60e7c1771ec</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>A groupname</displayExtension>
        <description>A group description</description>
        <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c:A groupname</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec</name>
        <uuid>cafe50ab623d4af98b7faedf8b99563d</uuid>
    </wsGroup>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookup:
            WsGroupLookup[pitGroups=[],groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec],
            subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3] memberFilter:
            All, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], fieldName:
            null, includeGroupDetail: false, includeSubjectDetail: false, subjectAttributeNames:
            null ,params: null ,pointInTimeFrom: null, pointInTimeTo: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>88</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsHasMemberResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group or Bamboo Person does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Add or Remove Privileges of a Bamboo Person for a Group

An authenticated user can grant or deny privileges for a Bamboo Person for a group if they have the privileges to do so.

Calling Method and Arguments

Invoked as an HTTP PUT method. Send an HTTPS request of the form:

PUT <url root>/bsp/groups/{groupid}/privileges/{bpid}/?privilegetype="value"&privilegename="value"&allowed="value" HTTP/1.1

Parameters:.

Parameter

Meaning

privilegetype

the privilege type, always ACCESS for operating on groups

privilegenamethe privilege name, e.g. ADMIN 
allowedT or F, depending on whether privilege is to be added or removed

Allowed values for the parameter privilegename:

  • ADMIN - can assign access privileges and manage all group information,
  • UPDATE - can manage membership of the group (implies READ),
  • READ - can see the membership of the group (implies VIEW), and
  • VIEW - can see the group.
  • OPTIN - can add self to the membership, and
  • OPTOUT - can remove self from membership.

Example:

PUT <url root>/bsp/groups/cbd01854-0261-49c0-96eb-c816f0c6da8c/privileges/urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3/?privilegetype=ACCESS&privilegename=ADMIN&allowed=T

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsAssignGrouperPrivilegesResults>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsSubjects: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3] , group:
            WsGroupLookup[groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3],
            stem: null, privilege: ACCESS-Array size: 1: [0]: admin , allowed? true, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418],
            replaceAllExisting: false , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>108</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
    <wsGroup>
        <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
        <typeOfGroup>group</typeOfGroup>
        <displayExtension>MyGroupName</displayExtension>
        <description>A better description</description>
        <displayName>bamboo:groups:MyGroupName</displayName>
        <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
        <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
    </wsGroup>
    <results>
        <WsAssignGrouperPrivilegesResult>
            <resultMetadata>
                <resultCode>SUCCESS_ALLOWED</resultCode>
                <success>T</success>
            </resultMetadata>
            <privilegeName>admin</privilegeName>
            <privilegeType>access</privilegeType>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:04574969-e851-4fbf-8535-0b81b9b3f2f3</id>
                <name>earnest adams</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsAssignGrouperPrivilegesResult>
    </results>
</WsAssignGrouperPrivilegesResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group or Bamboo Person does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Delete a Group

An authenticated user can delete a group if they have the privilege.

Calling Method and Arguments

Invoked as an HTTP DELETE method. Send an HTTPS request of the form:

DELETE <url root>/bsp/groups/{groupid} HTTP/1.1


Example:

DELETE <url root>/bsp/groups/2b845688-88f8-4728-980a-071353b528e3

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsGroupDeleteResults>
    <results>
        <WsGroupDeleteResult>
            <wsGroup>
                <extension>2b845688-88f8-4728-980a-071353b528e3</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>MyGroupName</displayExtension>
                <description>A better description</description>
                <displayName>bamboo:groups:MyGroupName</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3</name>
                <uuid>dac85da9850040cf9f88814e498ce4e4</uuid>
            </wsGroup>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <resultMessage>Group
                    &apos;458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3&apos;
                    was deleted.</resultMessage>
                <success>T</success>
            </resultMetadata>
        </WsGroupDeleteResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, wsGroupLookups: Array size: 1: [0]:
            WsGroupLookup[groupName=458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:2b845688-88f8-4728-980a-071353b528e3]
            , actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418], txType: NONE,
            includeGroupDetail: false, paramNames: , params: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>185</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGroupDeleteResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

404

Not Found

If the group does not exist

401

Unauthorized

The client submitting the request is not a member of the Bamboo Trust Federation group or does not have privileges on the group

500

Internal Server Error

A service error prevented the resource from being returned

Subject

Find Subject related Data for a Bamboo Person

An authenticated user can retrieve data about a Bamboo Person in a Groups Service context.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/subjects/?name="value" HTTP/1.1

Parameters:.

Parameter

Meaning

name

Bamboo Person name

Example:

GET <url root>/bsp/groups/subjects/?name=fred

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

 <WsGetSubjectsResults>
    <subjectAttributeNames>
        <string>description</string>
        <string>name</string>
    </subjectAttributeNames>
    <wsSubjects>
        <WsSubject>
            <resultCode>SUCCESS</resultCode>
            <success>T</success>
            <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
            <name>fred farkle</name>
            <sourceId>postgresSubjectSource</sourceId>
            <attributeValues>
                <string>Freddie Farkle from the Voronoi Project</string>
                <string>fred farkle</string>
            </attributeValues>
        </WsSubject>
    </wsSubjects>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Queried 1 subjects</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>71</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGetSubjectsResults>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

500

Internal Server Error

A service error prevented the resource from being returned

Returns a Bamboo Person's Group Memberships

An authenticated user can obtain a Bamboo Person's groups memberships.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/subjects/{bpid} HTTP/1.1

Parameters:.

Parameter

Meaning

bpid

Bamboo Person identifier

Example:

GET <url root>/bsp/groups/subjects/urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

<WsGetGroupsResults>
    <results>
        <WsGetGroupsResult>
            <wsGroups>
                <WsGroup>
                    <extension>87ba3c94-12b3-4e7e-96fc-3d5de3996bc0</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>87ba3c94-12b3-4e7e-96fc-3d5de3996bc0</displayExtension>
                    <description>Group created by
                        urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</description>
                    <displayName>bamboo:groups:1700997f-39c2-4241-b381-0373c9507f07:87ba3c94-12b3-4e7e-96fc-3d5de3996bc0</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:1700997f-39c2-4241-b381-0373c9507f07:87ba3c94-12b3-4e7e-96fc-3d5de3996bc0</name>
                    <uuid>781819e61e2640df8a353eae7ddd2a49</uuid>
                </WsGroup>
                <WsGroup>
                    <extension>0b19b547-91a6-46e1-bda1-18c7286049ee</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>romp-2</displayExtension>
                    <displayName>bamboo:groups:romp-2</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:0b19b547-91a6-46e1-bda1-18c7286049ee</name>
                    <uuid>73d64e2e64334d4d9f1c555c07269a13</uuid>
                </WsGroup>
                <WsGroup>
                    <extension>xyz</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>xyz</displayExtension>
                    <displayName>bamboo:groups:xyz</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:xyz</name>
                    <uuid>fcbbecbc6ecc47fa9b34898406aa5810</uuid>
                </WsGroup>
                <WsGroup>
                    <extension>xyz-3</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>xyz-3</displayExtension>
                    <displayName>bamboo:groups:xyz-3</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:xyz-3</name>
                    <uuid>b14c776117d9499b8bc7822870d81c27</uuid>
                </WsGroup>
                <WsGroup>
                    <extension>cc4cf564-5a36-40e4-89c1-a44d7a40ebc5</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>xyz-4</displayExtension>
                    <description>another xyz group</description>
                    <displayName>bamboo:groups:xyz-4</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cc4cf564-5a36-40e4-89c1-a44d7a40ebc5</name>
                    <uuid>14f9fc1a9fc84e1dad31ce0e1bbdf6cf</uuid>
                </WsGroup>
                <WsGroup>
                    <extension>93bab6f0-666a-11e2-bcfd-0800200c9a66</extension>
                    <typeOfGroup>group</typeOfGroup>
                    <displayExtension>xyz-5</displayExtension>
                    <description>xyz-5</description>
                    <displayName>bamboo:groups:xyz-5</displayName>
                    <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:93bab6f0-666a-11e2-bcfd-0800200c9a66</name>
                    <uuid>d0576c7a4422497b8f2417ffd2a051fc</uuid>
                </WsGroup>
            </wsGroups>
            <resultMetadata>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
            </resultMetadata>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGetGroupsResult>
    </results>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <resultMessage>Success for: clientVersion: 2.1.2, subjectLookups: Array size: 1: [0]:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418] memberFilter:
            All, includeGroupDetail: false, actAsSubject:
            WsSubjectLookup[subjectId=urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418] , params: null
            fieldName1: null , scope: null, wsStemLookup: null , stemScope: null, enabled: null,
            pageSize: null, pageNumber: null, sortString: null, ascending: null , pointInTimeFrom:
            null, pointInTimeTo: null</resultMessage>
        <success>T</success>
    </resultMetadata>
    <responseMetadata>
        <resultWarnings/>
        <millis>76</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGetGroupsResults>


Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

500

Internal Server Error

A service error prevented the resource from being returned

Returns Privileges for a Bamboo Person Against a Stem

An authenticated user can obtain a Bamboo Person's privileges for a stem.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/subjects/{bpid}/stem/privileges/{stemid} HTTP/1.1

Parameters:.

Parameter

Meaning

bpid

Bamboo Person identifier

stemidStem identifier

Example:

GET <url root>/bsp/groups/subjects/urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418/stem/privileges/cbd01854-0261-49c0-96eb-c816f0c6da8c

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

 <WsGetGrouperPrivilegesLiteResult>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <success>T</success>
    </resultMetadata>
    <privilegeResults>
        <WsGrouperPrivilegeResult>
            <allowed>T</allowed>
            <ownerSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </ownerSubject>
            <privilegeName>create</privilegeName>
            <privilegeType>naming</privilegeType>
            <revokable>T</revokable>
            <wsStem>
                <extension>cbd01854-0261-49c0-96eb-c816f0c6da8c</extension>
                <displayExtension>cbd01854-0261-49c0-96eb-c816f0c6da8c</displayExtension>
                <description>A new description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c</name>
                <uuid>26b3ce457830493eb839f715c83c874b</uuid>
            </wsStem>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGrouperPrivilegeResult>
        <WsGrouperPrivilegeResult>
            <allowed>T</allowed>
            <ownerSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </ownerSubject>
            <privilegeName>stem</privilegeName>
            <privilegeType>naming</privilegeType>
            <revokable>T</revokable>
            <wsStem>
                <extension>cbd01854-0261-49c0-96eb-c816f0c6da8c</extension>
                <displayExtension>cbd01854-0261-49c0-96eb-c816f0c6da8c</displayExtension>
                <description>A new description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c</name>
                <uuid>26b3ce457830493eb839f715c83c874b</uuid>
            </wsStem>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGrouperPrivilegeResult>
    </privilegeResults>
    <responseMetadata>
        <resultWarnings/>
        <millis>65</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGetGrouperPrivilegesLiteResult>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

404Not FoundIf the stem does not exist

500

Internal Server Error

A service error prevented the resource from being returned

Returns Privileges for a Bamboo Person Against a Group

An authenticated user can obtain a Bamboo Person's privileges for a stem.

Calling Method and Arguments

Invoked as an HTTP GET method. Send an HTTPS request of the form:

GET <url root>/bsp/groups/subjects/{bpid}/group/privileges/{groupid} HTTP/1.1

Parameters:.

Parameter

Meaning

bpid

Bamboo Person identifier

groupidGroup identifier

Example:

GET <url root>/bsp/groups/subjects/urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418/group/privileges/cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec

Response

On success, a response with a "200 OK" HTTP status code will be returned.

Example HTTP Body:

 <WsGetGrouperPrivilegesLiteResult>
    <resultMetadata>
        <resultCode>SUCCESS</resultCode>
        <success>T</success>
    </resultMetadata>
    <privilegeResults>
        <WsGrouperPrivilegeResult>
            <allowed>T</allowed>
            <ownerSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </ownerSubject>
            <privilegeName>admin</privilegeName>
            <privilegeType>access</privilegeType>
            <revokable>T</revokable>
            <wsGroup>
                <extension>c101f936-d16a-49ef-b86c-c60e7c1771ec</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>A groupname</displayExtension>
                <description>A group description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c:A
                    groupname</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec</name>
                <uuid>cafe50ab623d4af98b7faedf8b99563d</uuid>
            </wsGroup>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGrouperPrivilegeResult>
        <WsGrouperPrivilegeResult>
            <allowed>T</allowed>
            <ownerSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>GrouperAll</id>
                <name>EveryEntity</name>
                <sourceId>g:isa</sourceId>
            </ownerSubject>
            <privilegeName>read</privilegeName>
            <privilegeType>access</privilegeType>
            <revokable>F</revokable>
            <wsGroup>
                <extension>c101f936-d16a-49ef-b86c-c60e7c1771ec</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>A groupname</displayExtension>
                <description>A group description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c:A
                    groupname</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec</name>
                <uuid>cafe50ab623d4af98b7faedf8b99563d</uuid>
            </wsGroup>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGrouperPrivilegeResult>
        <WsGrouperPrivilegeResult>
            <allowed>T</allowed>
            <ownerSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>GrouperAll</id>
                <name>EveryEntity</name>
                <sourceId>g:isa</sourceId>
            </ownerSubject>
            <privilegeName>view</privilegeName>
            <privilegeType>access</privilegeType>
            <revokable>F</revokable>
            <wsGroup>
                <extension>c101f936-d16a-49ef-b86c-c60e7c1771ec</extension>
                <typeOfGroup>group</typeOfGroup>
                <displayExtension>A groupname</displayExtension>
                <description>A group description</description>
                <displayName>bamboo:groups:cbd01854-0261-49c0-96eb-c816f0c6da8c:A
                    groupname</displayName>
                <name>458930f0-0716-11e2-892e-0800200c9a66:560d5c90-c23e-4e7c-903b-eab046b38cbc:cbd01854-0261-49c0-96eb-c816f0c6da8c:c101f936-d16a-49ef-b86c-c60e7c1771ec</name>
                <uuid>cafe50ab623d4af98b7faedf8b99563d</uuid>
            </wsGroup>
            <wsSubject>
                <resultCode>SUCCESS</resultCode>
                <success>T</success>
                <id>urn:uuid:c00f294d-651b-495b-9633-a900dd1a7418</id>
                <name>fred farkle</name>
                <sourceId>postgresSubjectSource</sourceId>
            </wsSubject>
        </WsGrouperPrivilegeResult>
    </privilegeResults>
    <responseMetadata>
        <resultWarnings/>
        <millis>68</millis>
        <serverVersion>2.1.2</serverVersion>
    </responseMetadata>
</WsGetGrouperPrivilegesLiteResult>

Exceptions

If an error occurred, some non-2xx code will be returned. Check the HTTP Status Code that is returned in the response's HTTP headers for the specific error. The following errors may be returned in response to the Get request:

Error (Status Code)

Meaning

Returned When

400

Bad Request

If any of the arguments are invalid

404Not FoundIf the group does not exist

500

Internal Server Error

A service error prevented the resource from being returned

SOA Layer API

See generated Javadoc for this service. Packages are org.projectbamboo.bsp.services.core.group.*.