VMware Cloud Community
befreeman
Enthusiast
Enthusiast
‎03-11-2015 09:39 AM
Jump to solution

Trying to find the array of administrators for a fabric group (EnterpriseAdminGroups)

Hi,

I'm not having much luck finding a way to determine the list of users in the "Fabric Administrators" shown in VRA (VCAC) using a script in VCO.  Does anyone have any insight on how I can go about getting the array of users?


I've been able to do it with business groups:

var groups = vCACCAFEEntitiesFinder.getBusinessGroups(vCACHost);

for (i in groups) {

    System.debug("groups[" + i + "]=" + groups[i]);

    var admins = groups[i].administrators;

}

So I'm looking for something similar but related to EnterpriseAdminGroups, which does not have the "administrators" property.

So far I only have this code, which isn't getting me the administrators:

var entities = vCACEntityManager.readModelEntitiesByCustomFilter(vCACHost.id, "ManagementModelEntities.svc", "EnterpriseAdminGroups", null, null);

System.log("Enterprise Admin Groups found: "+entities.length);

var prop = new Properties();

for each (var entity in entities) {

    System.debug("\n\nentity: " + entity);

    prop.put(entity.getProperty("AdminName"));

}

Thanks!

0 Kudos
1 Solution

Accepted Solutions
befreeman
Enthusiast
Enthusiast
‎04-01-2015 08:19 AM
Jump to solution

Ok I think I eventually figured it out.  The action created is getFabricGroupAdminByVirtualMachine(vCAC:VCACHost vCACHost, vCACCAFE:VCACHost vCACCAFEHost, vCAC:VirtualMachine virtualMachine).  The method will return a String value of the username found as a fabric admin for one of the fabric groups for the compute resource that the VM belongs to.

Here is the code:

if (!vCACHost) {

    throw "Missing vCACHost (vCAC:VCACHost)";

}

if (!vCACCAFEHost) {

    throw "Missing vCACCAFEHost (vCACCAFE:VCACHost)";

}

if (!virtualMachine) {

    throw "Missing virtualMachine (vCAC:VirtualMachine)";

}

var vchost = virtualMachine.getEntity().getLink(vCACHost, 'Host')[0];

var fabricGroups = vchost.getLink(vCACHost, 'EnterpriseAdminGroups');

var tenantName = vCACCAFEHost.tenant;

var authorClient = vCACCAFEHost.createAuthorizationClient();

var authorPrincipalSvc = authorClient.getAuthorizationPrincipalService();

var currPage = 1;

var numPages = 1;

var maxItemsPerPage = 25;

// loop through each page

while (currPage <= numPages) {

  var page = new vCACCAFEPageOdataRequest(currPage, maxItemsPerPage);

  var princExtResult = authorPrincipalSvc.getPrincipalExtensions(tenantName, page);

  // update with the resulting number of pages

  numPages = princExtResult.getMetadata().getTotalPages();

  for (var i in princExtResult.getContent()) {

     var princExt = princExtResult.getContent()[i];

     var scopes = princExt.getScopes();

     for (var j in scopes) {

         var scope = scopes[j];

            for (k in fabricGroups) {

         if (scope.getName() === fabricGroups[k].getProperty('AdminName')) {

             var scopeRoles = scope.getPrincipalScopeRole();

             for (var x in scopeRoles) {

                 if (scopeRoles[x].getName() === "Enterprise Administrator") {

                     // found a fabric admin

                     System.debug("Found fabric group admin: " + princExt.getDisplayName());

                     return princExt.getDisplayName();

                 }

         }

     }

  }

     }

  }

  currPage++;

}

// no user found

return null;

View solution in original post

0 Kudos
2 Replies
befreeman
Enthusiast
Enthusiast
‎03-11-2015 04:25 PM
Jump to solution

Ok, this seems to be working for me:

var fabricGroup = "MyFabricGroup";

var authorClient = myVcacCafeVcacHost.createAuthorizationClient();

var authorPrincipalSvc = authorClient.getAuthorizationPrincipalService();

// I think this will break if there are multiple pages

var princExtResult = authorPrincipalSvc.getPrincipalExtensions('vsphere.local');

var fabricGroupAdmins = new Array();

for (i in princExtResult.getContent()) {

    var princExt = princExtResult.getContent()[i];

    var scopes = princExt.getScopes();

    eachuser:for (j in scopes) {

        var scope = scopes[j];

        if (scope.getName() === fabricGroup) {

            var scopeRoles = scope.getPrincipalScopeRole();

            for (x in scopeRoles) {

                if (scopeRoles[x].getName() === "Enterprise Administrator") {

                    // found a fabric admin

                    fabricGroupAdmins.push(princExt.getDisplayName());

                    break eachuser;

                }

            }

        }

    }

}

System.log("found users = " + fabricGroupAdmins);

I don't like the nested loops though.  I tried getting a query to work but I've never done that before and couldn't get it to work for getPrincipalExtensions(?_tenant, ?_pageable).  Anyone have experience with using pageable?

0 Kudos
befreeman
Enthusiast
Enthusiast
‎04-01-2015 08:19 AM
Jump to solution

Ok I think I eventually figured it out.  The action created is getFabricGroupAdminByVirtualMachine(vCAC:VCACHost vCACHost, vCACCAFE:VCACHost vCACCAFEHost, vCAC:VirtualMachine virtualMachine).  The method will return a String value of the username found as a fabric admin for one of the fabric groups for the compute resource that the VM belongs to.

Here is the code:

if (!vCACHost) {

    throw "Missing vCACHost (vCAC:VCACHost)";

}

if (!vCACCAFEHost) {

    throw "Missing vCACCAFEHost (vCACCAFE:VCACHost)";

}

if (!virtualMachine) {

    throw "Missing virtualMachine (vCAC:VirtualMachine)";

}

var vchost = virtualMachine.getEntity().getLink(vCACHost, 'Host')[0];

var fabricGroups = vchost.getLink(vCACHost, 'EnterpriseAdminGroups');

var tenantName = vCACCAFEHost.tenant;

var authorClient = vCACCAFEHost.createAuthorizationClient();

var authorPrincipalSvc = authorClient.getAuthorizationPrincipalService();

var currPage = 1;

var numPages = 1;

var maxItemsPerPage = 25;

// loop through each page

while (currPage <= numPages) {

  var page = new vCACCAFEPageOdataRequest(currPage, maxItemsPerPage);

  var princExtResult = authorPrincipalSvc.getPrincipalExtensions(tenantName, page);

  // update with the resulting number of pages

  numPages = princExtResult.getMetadata().getTotalPages();

  for (var i in princExtResult.getContent()) {

     var princExt = princExtResult.getContent()[i];

     var scopes = princExt.getScopes();

     for (var j in scopes) {

         var scope = scopes[j];

            for (k in fabricGroups) {

         if (scope.getName() === fabricGroups[k].getProperty('AdminName')) {

             var scopeRoles = scope.getPrincipalScopeRole();

             for (var x in scopeRoles) {

                 if (scopeRoles[x].getName() === "Enterprise Administrator") {

                     // found a fabric admin

                     System.debug("Found fabric group admin: " + princExt.getDisplayName());

                     return princExt.getDisplayName();

                 }

         }

     }

  }

     }

  }

  currPage++;

}

// no user found

return null;

0 Kudos