I need to add a specific role to a user using the Splunk SDK.
I can list the users and find the roles owned by the user I want to add a role to. But, I can't work out how to access and update that user object. I've tried to use a number of variations on "services.user.name", "service.user.content" etc etc, but can't get anything with "service.user.xxxxxx" to work. The calls to service.roles.xxxxxx and service.users.xxxxxx both work as advertised.
Does anyone have any examples as to how to use the splunklib.client.User class? Any help to point me in the right direction greatly appreciated.
newrolename="new_role"
newrole = service.roles.create(newrolename)
kwargs = {"sort_key": "realname", "sort_dir": "asc"}
users = service.users.list(count=-1,**kwargs)
for user in users:
username=user.name
logger.info(username)
logger.info("username="+username+", current_user="+current_user)
if user.name == current_user:
logger.info("username==current_user")
user_roles=[newrolename]
for role in user.role_entities:
user_roles.append(role.name)
logger.info(user_roles)
#service.user.name # - seems to do nothing (when uncommented)
#TODO: get user object?? update user object to add role to user??
Hi @aldonnelley,
As you want to add role to user, so here I am assuming that you have local user on splunk not LDAP user, right ?
If you have LDAP users in that case you can't assign role directly to user because role based access is mapped with LDAP group.
Hi, @harsmarvania57
Thanks for your response. That's an excellent point. I will have both local and LDAP users...
So I guess I'm going to have to come up with a way for the app to manage its own local permissions for the feature. Which is fine - it's not a critical security feature, more just about keeping low-level users from meddling with a few things they shouldn't.
Thanks again.