VMware vSphere SDKs and Tools 6.5

8.0 7.0 6.7 6.5

Setting, Changing, or Deleting Permissions

The
Permission
 data object associates the privileges required to perform an action on an object with the principals (user, group). Principals have privileges through their role. To set or update permissions on an object, use the
AuthorizationManager.SetEntityPermissions
 method.
To set permissions on an entity, use the following steps.
  1. Obtain a reference to the
    AuthorizationManager
     for the server from the
    ServiceContent
     object associated with the
    ServiceInstance
    . For example: 
    ManagedObjectReference hostAuthorizationManager = service.getAuthorizationManager();
  2. Create a
    Permission
     data object that identifies the user (or group) name, the role, the entity to which the permission should apply, and whether the permission should be applied to the entity’s children.
    For example, the following code fragment creates a permission on the root folder of the inventory granting a user Administrator role to the root folder and all its children. 
    Permission per = new Permission();
per.setGroup(false);
per.setPrincipal(“new_user_name”);
per.setRoleId(-1);
per.setPropagate(true);
per.setEntity(rootFolder);
    Permissions cannot be set directly on children in a complex entity. For complex entities, set permissions on the parent entity and set the
    propagate
     flag to true to apply permissions to the child entities.
    To replace existing permissions with a new set of permissions, use the
    AuthorizationManager.ResetEntityPermissions
     method.

Content feedback and comments