Service - Role

Class: VMware.Hv.Role
See also: MapEntry, RoleBase, RoleId, RoleInfo
Since: Horizon View 6.0

Service Description

Information about a role. This represents a name and description tied to a set of admin privileges. Privileges represents certain actions allowed by an admin on various resources. Roles may either be system defined (builtin) or admin created (custom). Different sets of privileges may be defined depending on the role type. Only custom roles may be edited.

Methods

Methods defined in this Service
Role_Create, Role_Delete, Role_Get, Role_List, Role_Update

Role_Create

Add a new custom role.

Privileges

Privilege	Description
GLOBAL_ROLE_MANAGEMENT	Role management privilege is required to create a role.

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the Role used to make the method call.
base	RoleBase	attributes needed to add a role

Return Value

Type	Description
RoleId	unique identifier

Faults

Type	Description
EntityNotFound	Thrown if any specified entity cannot be found.
InsufficientPermission	Thrown if the user does not have sufficient permission to perform the operation.
InvalidArgument	Thrown if any specified argument is invalid.
InvalidType	Thrown if the type of any specified argument is invalid.
UnexpectedFault	Thrown if an unexpected error occurs while performing the operation.

Events

Event	Description
ADMIN_ROLE_ADDED	Sent when a role is successfully created.
ADMIN_ROLE_ADD_FAILED	Sent when a role fails to be created.

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_Create" type="vdi:Role_CreateRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_CreateResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="vdi:RoleId"/>
               </sequence>
            </complexType>
         </element>

Role_Delete

Delete a given role and all permissions associated with it. This is only allowed for custom roles. Attempting to delete a builtin role will result in an InvalidRequest exception.

Privileges

Privilege	Description
GLOBAL_ROLE_MANAGEMENT	Role management privilege is necessary to delete a role.
GLOBAL_PERMISSION_VIEW	Permission read access privilege is necessary to delete a role.

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the Role used to make the method call.
id	RoleId	RoleId of entity to delete.

Return Value

Type	Description
None

Faults

Type	Description
EntityNotFound	Thrown if any specified entity cannot be found.
InsufficientPermission	Thrown if the user does not have sufficient permission to perform the operation.
InvalidArgument	Thrown if any specified argument is invalid.
InvalidType	Thrown if the type of any specified argument is invalid.
UnexpectedFault	Thrown if an unexpected error occurs while performing the operation.

Events

Event	Description
ADMIN_ROLE_REMOVED	Sent when a role is successfully deleted.
ADMIN_ROLE_REMOVE_FAILED	Sent when a role fails to be deleted.

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_Delete" type="vdi:Role_DeleteRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_DeleteResponse">
            <complexType/>
         </element>

Role_Get

Get an role by Id.

Privileges

Privilege	Description
GLOBAL_ROLE_VIEW	Role read access privilege is required to read a role.
GLOBAL_PERMISSION_VIEW	Permission read access privilege is required to include any permission information in a role.

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the Role used to make the method call.
id	RoleId	RoleId of entity to get.

Return Value

Type	Description
RoleInfo	requested role entity.

Faults

Type	Description
EntityNotFound	Thrown if any specified entity cannot be found.
InsufficientPermission	Thrown if the user does not have sufficient permission to perform the operation.
InvalidArgument	Thrown if any specified argument is invalid.
InvalidType	Thrown if the type of any specified argument is invalid.
UnexpectedFault	Thrown if an unexpected error occurs while performing the operation.

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_Get" type="vdi:Role_GetRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_GetResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="vdi:RoleInfo"/>
               </sequence>
            </complexType>
         </element>

Role_List

Lists all the roles.

Privileges

Privilege	Description
GLOBAL_ROLE_VIEW	Role read access privilege is required to read all role.
GLOBAL_PERMISSION_VIEW	Permission read access privilege is required to include any permission information in any roles.

Parameters

Name	Type	Description
_this	ManagedObjectReference	A reference to the Role used to make the method call.

Return Value

Type	Description
RoleInfo[]	The list of roles.

Faults

Type	Description
EntityNotFound	Thrown if any specified entity cannot be found.
InsufficientPermission	Thrown if the user does not have sufficient permission to perform the operation.
InvalidArgument	Thrown if any specified argument is invalid.
InvalidType	Thrown if the type of any specified argument is invalid.
UnexpectedFault	Thrown if an unexpected error occurs while performing the operation.

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_List" type="vdi:Role_ListRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_ListResponse">
            <complexType>
               <sequence>
                  <element name="returnval" type="vdi:RoleInfo" minOccurs="0" maxOccurs="unbounded"/>
               </sequence>
            </complexType>
         </element>

Role_Update

Update given role with the set of attributes in the map. This is only allowed on custom roles. Attempting to update a builtin role will result in an InvalidRequest exception. Note that certain privileges expand into selectable child privileges upon creation. These child privileges must be removed as well if the parent is removed in an update.

Privileges

Privilege	Description
GLOBAL_ROLE_MANAGEMENT	Role management privilege is required to update a role.

Parameters

Name

Type

Description

_this

ManagedObjectReference

A reference to the Role used to make the method call.

RoleId

RoleId of entity to update.

updates

MapEntry[]

key value pairs describing attributes to be updated

This parameter is an update map based on RoleInfo.

Return Value

Type	Description
None

Faults

Type	Description
EntityNotFound	Thrown if any specified entity cannot be found.
InsufficientPermission	Thrown if the user does not have sufficient permission to perform the operation.
InvalidArgument	Thrown if any specified argument is invalid.
InvalidType	Thrown if the type of any specified argument is invalid.
UnexpectedFault	Thrown if an unexpected error occurs while performing the operation.

Events

Event	Description
ADMIN_ROLE_PRIV_UPDATED	Sent when a role is successfully updated.
ADMIN_ROLE_PRIV_UPDATE_FAILED	Sent when a role fails to be updated.

Show WSDL type definition

         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_Update" type="vdi:Role_UpdateRequestType"/>
         <element xmlns="http://www.w3.org/2001/XMLSchema" xmlns:vdi="urn:vdi" xmlns:vim25="urn:vim25" name="Role_UpdateResponse">
            <complexType/>
         </element>