Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do you add a role to a user with Splunk Python SDK?

aldonnelley
Explorer
‎09-18-2018 07:01 PM

I need to add a specific role to a user using the Splunk SDK.

I can list the users and find the roles owned by the user I want to add a role to. But, I can't work out how to access and update that user object. I've tried to use a number of variations on "services.user.name", "service.user.content" etc etc, but can't get anything with "service.user.xxxxxx" to work. The calls to service.roles.xxxxxx and service.users.xxxxxx both work as advertised.

Does anyone have any examples as to how to use the splunklib.client.User class? Any help to point me in the right direction greatly appreciated.

newrolename="new_role"
newrole = service.roles.create(newrolename)
kwargs = {"sort_key": "realname", "sort_dir": "asc"}
users = service.users.list(count=-1,**kwargs)
for user in users:
    username=user.name
    logger.info(username)
    logger.info("username="+username+", current_user="+current_user)
    if user.name == current_user:
        logger.info("username==current_user")
        user_roles=[newrolename]
        for role in user.role_entities:
            user_roles.append(role.name)
            logger.info(user_roles)
            #service.user.name # - seems to do nothing (when uncommented)
            #TODO: get user object?? update user object to add role to user??
0 Karma
Reply

harsmarvania57
Ultra Champion
‎09-20-2018 07:03 AM

Hi @aldonnelley,

As you want to add role to user, so here I am assuming that you have local user on splunk not LDAP user, right ?
If you have LDAP users in that case you can't assign role directly to user because role based access is mapped with LDAP group.

0 Karma
Reply

aldonnelley
Explorer
‎09-20-2018 03:16 PM

Hi, @harsmarvania57

Thanks for your response. That's an excellent point. I will have both local and LDAP users...
So I guess I'm going to have to come up with a way for the app to manage its own local permissions for the feature. Which is fine - it's not a critical security feature, more just about keeping low-level users from meddling with a few things they shouldn't.

Thanks again.

0 Karma
Reply
Get Updates on the Splunk Community!

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...

Introducing the 2024 Splunk MVPs!

We are excited to announce the 2024 cohort of the Splunk MVP program. Splunk MVPs are passionate members of ...