3 Replies Latest reply on Feb 2, 2012 6:36 AM by Vero NameToUpdate

    get Instance's access control list

      Hello, we have some custom property classes with their instances set.

      What I need is a blcli script to retrieve the Control Access List (permissions) of those instances.

       

      Untitled.gif

       

      So far, I've only achieved to retrieve the role used to create an instance, but not the control access list:

       

      blcli_execute PropertySetInstance findVisiblePropertySetInstanceByFullyQualifiedName "Class://SystemObject/ClassName/InstanceName"

       

      blcli_execute Utility storeTargetObject propInst

      blcli_execute PropertySetInstance getRoleCreated

       

      I also used the method getAllPropertyNameValuesMap to retrieve instance's properties and values, but control access list is not there.

       

      blcli_execute PropertySetInstance getAllPropertyNameValuesMap "Class://SystemObject/ClassName/InstanceName"


      Any ideas?

      Thanks in advanced

      Vero

        • 1. Re: get Instance's access control list

          Hello, I am finally getting something:

           

          blcli_execute PropertySetInstance findVisiblePropertySetInstanceByFullyQualifiedName "Class://SystemObject/ClassName/InstanceName"


          blcli_execute Utility storeTargetObject propInst

          blcli_execute PropertySetInstance getBlAcl

          blcli_execute Utility setTargetObject

          blcli_execute Utility storeTargetObject instAcl

          blcli_execute BlAcl aclToString NAMED_OBJECT=instAcl

           

          What I get is this:

           

          com.bladelogic.model.rbac.BlAclImpl@1b4e0080com.bladelogic.model.rbac.BlAclImpl@1b4e0080com.bladelogic.model.rbac.BlAclImpl@1b4e0080

          Everyone    PropertyInstance.Read

          BLAdmins    PropertyInstance.*

           

          I would prefer to get a list, but I couldn't  figure out how to do this. Anyways, I can manage with this data.

          The problem is that I need a python script, but I can't make it work:

           

          jli.run(['PropertySetInstance', 'findVisiblePropertySetInstanceByFullyQualifiedName', str(instanceName)])

          jli.run(['Utility','storeTargetObject', 'propInst'])

          jli.run(['PropertySetInstance', 'getBlAcl'])

          jli.run(['Utility','setTargetObject'])

          jli.run(['Utility','storeTargetObject', 'instAcl'])

          cmdRespCLI = jli.run(['BlAcl', 'aclToString', 'NAMED_OBJECT=instAcl'])

           

          if(cmdRespCLI.success()):

                    print cmdRespCLI.returnValue

          else

                    print "Error"


          I cant get the final result, I always get "Error" printed. Any ideas?

          Thanks in advanced.

          Vero


          • 2. get Instance's access control list

            In that case, have you tried looking at other methods available aob object cmdRespCLI , like getError() and see if it is returnign any error or something.

            Just use that and see what is happening in the else part of it.

            If you get the error string I may be able to tell you whats wrong ?

             

             

             

            • 3. Re: get Instance's access control list

              Finally I found it, I am using another method to retrieve the Control Access list (BlAcl.getAceIterator):

               

              #get instance object

              jli.run(['PropertySetInstance', 'findVisiblePropertySetInstanceByFullyQualifiedName', str(instanceName)])

              jli.run(['Utility','setTargetObject'])

               

               

              #get ACL related to Instance

              jli.run(['PropertySetInstance', 'getBlAcl'])

              jli.run(['Utility','setTargetObject'])

               

               

              #get ACEs related to ACL

              cmdRespCLIitr = jli.run(['BlAcl', 'getAceIterator'])

               

              #iterate through ACEs

              if(cmdRespCLIitr.success()):

                        for objElement in cmdRespCLIitr.returnValue:

                                  print str(objElement)

              else

                        print "Error"

               

               

              Thanks everyone!

              Vero