assignRoleToGroup()

Security Requirements and Controls

Manage users API permission

API Stability Long-Term

The assignRoleToGroup() GraphQL mutation assigns a role to a group for a given view.

For more information on roles in LogScale, see the Manage Users and Permissions documentation page. To assign roles to a group with the user interface instead of GraphQL, see Assign Roles to Groups.

Syntax

Below is the syntax for the assignRoleToGroup() mutation field:

graphql

assignRoleToGroup(
      input: AssignRoleToGroupInput!
   ): AssignRoleToGroupMutation!

Below is an example of how this mutation field might be used:

Raw

graphql

mutation {
  assignRoleToGroup(input: 
          { viewId: "aK9GKAsTnMXfRxT8Fpecx3fX",
            groupId: "Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo", 
            roleId: "pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2"} )
     { group { role {id, displayName, viewPermissions} } }
}

Mac OS or Linux (curl)

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}"
}
EOF

Mac OS or Linux (curl) One-line

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql \
    -H "Authorization: Bearer $TOKEN" \
    -H "Content-Type: application/json" \
    -d @- << EOF
{"query" : "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}"
}
EOF

Windows Cmd and curl

shell

curl -v -X POST $YOUR_LOGSCALE_URL/graphql ^
    -H "Authorization: Bearer $TOKEN" ^
    -H "Content-Type: application/json" ^
    -d @'{"query" : "mutation { ^
  assignRoleToGroup(input:  ^
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\", ^
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\",  ^
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} ) ^
     { group { role {id, displayName, viewPermissions} } } ^
}" ^
} '

Windows Powershell and curl

powershell

curl.exe -X POST 
    -H "Authorization: Bearer $TOKEN"
    -H "Content-Type: application/json"
    -d '{"query" : "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}"
}'
    "$YOUR_LOGSCALE_URL/graphql"

Perl

perl

#!/usr/bin/perl

use HTTP::Request;
use LWP;

my $TOKEN = "TOKEN";

my $uri = '$YOUR_LOGSCALE_URL/graphql';

my $query = "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}";
$query =~ s/\n/ /g;
my $json = sprintf('{"query" : "%s"}',$query);
my $req = HTTP::Request->new("POST", $uri );

$req->header("Authorization" => "Bearer $TOKEN");
$req->header("Content-Type" => "application/json");

$req->content( $json );

my $lwp = LWP::UserAgent->new;

my $result = $lwp->request( $req );

print $result->{"_content"},"\n";

Python

python

#! /usr/local/bin/python3

import requests

url = '$YOUR_LOGSCALE_URL/graphql'
mydata = r'''{"query" : "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}"
}'''

resp = requests.post(url,
                     data = mydata,
                     headers = {
   "Authorization" : "Bearer $TOKEN",
   "Content-Type" : "application/json"
}
)

print(resp.text)

Node.js

javascript

const https = require('https');

const data = JSON.stringify(
    {"query" : "mutation {
  assignRoleToGroup(input: 
          { viewId: \"aK9GKAsTnMXfRxT8Fpecx3fX\",
            groupId: \"Kj3SzghhYxdjz8X6XIxZ2EhaVTrMuSpo\", 
            roleId: \"pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2\"} )
     { group { role {id, displayName, viewPermissions} } }
}"
}
);


const options = {
  hostname: '$YOUR_LOGSCALE_URL',
  path: 'graphql',
  port: 443,
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    'Content-Length': data.length,
    Authorization: 'BEARER ' + process.env.TOKEN,
    'User-Agent': 'Node',
  },
};

const req = https.request(options, (res) => {
  let data = '';
  console.log(`statusCode: ${res.statusCode}`);

  res.on('data', (d) => {
    data += d;
  });
  res.on('end', () => {
    console.log(JSON.parse(data).data);
  });
});

req.on('error', (error) => {
  console.error(error);
});

req.write(data);
req.end();

Example Responses

Success (HTTP Response Code 200 OK)

json

{
  "data": {
    "assignRoleToGroup": {
      "group": {
        "role": {
          "id": "pFLOxe7C8zkNbWOSP8VartJ0I6Kz0eK2",
          "displayName": "Member",
          "viewPermissions": [
            "ChangeDashboards",
            "ChangeSavedQueries",
            "ChangeTriggers",
            "ChangeFiles",
            "ChangeParsers",
            "ReadAccess"
          ]
        }
      }
    }
  }
}

Given Datatypes

For AssignRoleToGroupInput, there are a few parameters that may be given. Below is a list of them along with a description of each:

Table: AssignRoleToGroupInput

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 17, 2024
groupId	string	yes	`Long-Term`	The unique identifier of the group being assigned.
overrideExistingAssignmentsForView	boolean		`Long-Term`	Whether to override any existing assignments for a view.
roleId	string	yes	`Long-Term`	The unique identifier of the role being assigned.
viewId	string	yes	`Long-Term`	The unique identifier of the view.

Returned Datatypes

AssignRoleToGroupMutation has one parameter, with some sub-parameters:

Table: AssignRoleToGroupMutation

Parameter	Type	Required	Stability	Description
Some arguments may be required, as indicated in the Required column. For return datatypes, this indicates that you must specify which fields you want returned in the results.
Table last updated: Sep 23, 2024
group	SearchDomainRole	yes	`Long-Term`	The group for which to assign role. See SearchDomainRole.

Versions of this Page

GraphQL Mutations

GraphQL API Stability

GraphQL Groups

GraphQL Queries

GraphQL Datatypes