List of roles (all roles)

BrandonSHill · August 12, 2016, 8:07pm

Is there a way to get a list of all roles on the gateway under the a specified user source? Not just a specific user, but all roles? Working on building out a tree view that is stored all in the DB and creating an administration screen for it. But needing to be able to pull a list of roles to finish it out.

Kevin.Herron · August 12, 2016, 8:11pm

Like this? docs.inductiveautomation.com:84 … r.getRoles

hachjessed · July 10, 2020, 5:58pm

Is it possible to return a list of roles(not Ignition created roles) per user from an Active Directory user source? If I use a system.security.getRoles() and the Gateway User Source is set to the desired source is the only way to return these values. Is there any other way of accessing roles(not Ignition created) from an Active Directory user source that is not set as the Gateway User Source?

code_skin · July 10, 2020, 6:07pm

You can achieve this with system.user.getUsers()
You’ll specify the user data source (ex. ‘AD User Source’) and from there you can getRoles() for a specific user or all users.
https://docs.inductiveautomation.com/display/DOC80/system.user.getUser
https://docs.inductiveautomation.com/display/DOC80/system.user.getUsers

Edit Example, this will print the role for the currently logged in user:

userName = system.security.getUsername()
user = system.user.getUser("AD User Source", userName)
print user.getRoles()

hachjessed · July 10, 2020, 6:49pm

This definitely works to return the Ignition added User Information. Maybe a better question would be, how am I returning Microsoft AD(LDAP) related information when using system.security.getRoles()?

code_skin · July 10, 2020, 6:55pm

I'm not following.

system.security.getRoles() returns my AD roles no problems.

If you have multiple user sources in your gateway and your projects default user source is NOT the AD user source then system.security.getRoles() will not work. You'll need to make use of system.user.getUser()/Users()

code_skin · July 10, 2020, 7:26pm

Here's an example that should do just that:

users = system.user.getUsers('MY AD USERSOURCE NAME')
for user in users:
	print user.get('username'), user.getRoles()

Please change "MY AD USERSOURCE NAME" to match your AD user source name.

hachjessed · July 10, 2020, 7:27pm

Let me try another explanation.
The User Source I am attempting to access has no users or roles added.

When I use the system.security.getRoles() function I return a tuple of string values, which are our companies AD groups that the user is a member of. These are the values I am looking for, but I would like to know why/how these values are being accessed and how to replicate this if the Gateway User Source is not set to the User Source I’m looking to getRoles from.

hachjessed · July 10, 2020, 7:37pm

This returns no results with ADUSERSOURCE1. If I use a ADUSERSOURCE2 that contains Ignition created users and roles, it does return these usernames and roles.

code_skin · July 10, 2020, 7:51pm

Sounds like your Active Directory Properties and/or LDAP Settings are not correctly setup for your environment?
By configuring your Active Directory Properties and/or LDAP Settings to retrieve your AD users the above script would print each user and roles.