changeUserAndGroupRolesForSearchDomain()

The changeUserAndGroupRolesForSearchDomain() GraphQL mutation field is used to change the user and group roles for a search domain.

For more information on roles in LogScale, see the Manage users & permissions documentation page. You may also want to look at Manage users & permissions for related information.

Syntax

Below is the syntax for the changeUserAndGroupRolesForSearchDomain() mutation field:

graphql

changeUserAndGroupRolesForSearchDomain(
      searchDomainId: string!
      groups: [GroupRoleAssignment!]!
      users: [UserRoleAssignment!]!
   ): [UserOrGroup!]!

Given Datatypes

For the input (i.e., GroupRoleAssignment), there are several parameters that may be given. Below is a list of them along with their datatypes and a description of each:

Table: GroupRoleAssignment

Parameter	Type	Required	Description
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 18, 2024
`groupId`	string	yes	The unique identifier for the group related to the role.
`roleId`	string	yes	The unique identifier of the role.

Another special given parameter is the UserRoleAssignment data type. Below is a list of parameters for it, along with their datatypes and a description of each:

Table: UserRoleAssignment

Parameter	Type	Required	Description
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 23, 2024
`userId`	string	yes	The unique identifier of the user for which to assign the role.
`roleId`	string	yes	The unique identifier for the role to assign.

Returned Datatypes

The returned results are sets of users and groups. This is a union between two other datatypes: group() and user(). The parameters for those are listed in the tables below:

Table: Group

Parameter	Type	Required	Description
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
Table last updated: Sep 25, 2024
`assetPermissions`	multiple	yes	Get asset permissions assigned to the group for the specific asset. The datatype consists of `(assetId: string!, assetType: AssetPermissionsAssetType!, searchDomainId: string): AssetPermissionsForGroup!`. See `AssetPermissionsAssetType` and `AssetPermissionsForGroup`.
`defaultQueryPrefix`	string		The default prefix for queries.
`defaultRole`	`Role`		The default role associated with the group (see `Role`).
`defaultSearchDomainCount`	integer	yes	The default search domain count.
`displayName`	string	yes	The display name of the group.
`id`	string	yes	The identifier of the group.
`lookupName`	string		The look-up name for the group.
`organizationRoles`	[`GroupOrganizationRole`]	yes	The roles of the organization associated with the group (see `GroupOrganizationRole` Table).
`queryPrefixes`	[`QueryPrefixes`]	yes	The query prefixes for the group. queryPrefixes(onlyIncludeRestrictiveQueryPrefixes: Boolean, onlyForRoleWithId: String): [QueryPrefixes!]! See `QueryPrefixes`.
`roles`	[`SearchDomainRole`]	yes	The roles for the group (see `SearchDomainRole`).
`searchAssetPermissions`	multiple	yes	Search for asset permissions for the group. This is a preview and subject to change. The datatype consists of `(searchFilter: string, skip: integer, limit: integer, orderBy: OrderBy, sortBy: SortBy, assetTypes: [AssetPermissionsAssetType!], searchDomainIds: [string!], permissions: [AssetPermissionInputEnum!], includeUnassignedAssets: boolean): AssetPermissionSearchResultSet!`. See `AssetPermissionsAssetType` `AssetPermissionInputEnum`, and `AssetPermissionSearchResultSet`.
`searchDomainCount`	integer	yes	The number of search domains for the group.
`searchDomainRoles`	(searchDomainId: string): [`SearchDomainRole`]	yes	The search domain roles assigned to the group (see`SearchDomainRole`).
`searchDomainRolesByName`	(searchDomainName: string): `SearchDomainRole`	yes	The search domain roles assigned to the group, by name. The searchDomainName is a string value, not a complex datatype (see `SearchDomainRole`).
`searchDomainRolesBySearchDomainName`	string	yes	The domain roles by search domain name. The datatype consists of `(searchDomainName: string!): [SearchDomainRole!]`. See `SearchDomainRole`.
`searchUsers`	multiple	yes	Used to search the list of users in the group. The datatype consists of `(searchFilter: string, skip: integer, limit: integer, sortBy: OrderByUserField, orderBy: OrderBy): UserResultSetType!`. See `OrderByUserField`, `OrderBy`, `UserResultSetType`.
`systemRoles`	[`GroupSystemRole`]	yes	The system roles of the group (see `GroupSystemRole` Table).
`userCount`	integer	yes	The number of users that are part of the group.
`users`	[`User`]	yes	The list of users in the group (see `User` Table).

Table: User

Parameter	Type	Required	Description
Some arguments may be required, as indicated in the Required column. For some fields, this column indicates that a result will always be returned for this column.
`allowedOrganizationActions`	[`OrganizationAction`]	yes	Returns the actions the user is allowed to perform in the organization. See `OrganizationAction`.
`allowedSystemActions`	[`SystemAction`]	yes	Returns the actions the user is allowed to perform in the system. See `SystemAction` Table.
`assetPermissions`	multiple	yes	Get asset permissions assigned to the user for the specific asset. This is a preview and subject to change. The multiple datatype consists of (assetId: string, assetType: AssetPermissionsAssetType, searchDomainId: string): AssetPermissionsForUser. See `AssetPermissionsAssetType` and `AssetPermissionsForUser`.
`company`	string		The name of the company for the user account.
`countryCode`	string		The two-letter ISO 3166-1 Alpha-2 code for the country of residence (e.g., us).
`createdAt`	datetime	yes	The data and time the account was created.
`displayName`	string	yes	The value of the fullName if used, otherwise the username.
`email`	string		The user account's email address for communications from LogScale.
`firstName`	string		The user's actual first name (e.g., Bob). Don't use with fullName.
`fullName`	string		The user's full name (e.g., Bob Smith). Don't use if using other name parameters.
`group`	[`Group`]	yes	The groups of which the user is a member. See `Group`.
`groupSearchDomainRoles`	[`GroupSearchDomainRole`]	yes	The group search domain roles. See `GroupSearchDomainRole`.
`groupsV2`	multiple		The groups of which the user is a member. This is a preview and subject to change. The multiple datatype consists of (search: string, typeFilter: [PermissionType], limit: integer, skip: integer, searchInRoles: boolean): GroupResultSetType. See `PermissionType`, and `GroupResultSetType`.
`id`	string	yes	The identifier or token for the user.
`isOrgRoot`	boolean	yes	Whether the organization is granted root access.
`isRoot`	boolean	yes	Whether the user account is granted root access.
`lastName`	string		The user's actual last name or family name (e.g., Smith). Don't use with fullName.
`phoneNumber`	string		The telephone number for LogScale to use for telephone text messages.
`picture`	string		File name of an image file for the account.
`searchAssetPermissions`	multiple		Search for asset permissions for the user. This is a preview and subject to change. The multiple datatype consists of (searchFilter: string, skip: integer, limit: integer, orderBy: OrderBy, sortBy: SortBy, assetTypes: [AssetPermissionsAssetType], searchDomainIds: [string], permissions: [AssetPermissionInputEnum] = [UpdateAsset], includeUnassignedAssets: boolean): AssetPermissionSearchResultSet. See `AssetPermissionsAssetType`, `AssetPermissionInputEnum`, and `AssetPermissionSearchResultSet`.
`searchDomainRoles`	multiple		The search domain roles assigned to the user. The multiple datatype consists of (searchDomainId: string): [SearchDomainRole]. See `SearchDomainRole`.
`searchDomainRolesByName`	multiple	yes	The search domain roles for the user, by name. The multiple datatype consists of (searchDomainName: string): SearchDomainRole. See `SearchDomainRole`. This is deprecated because when multiple roles per view is enabled, this field will return only the first of possibly multiple roles matching the name for the view. Therefore, use instead searchDomainRoles or searchDomainRolesBySearchDomainName.
`searchDomainRolesBySearchDomainName`	multiple		The search domain roles assigned to the user by search domain name. The multiple datatype consists of (searchDomainName: string): [SearchDomainRole]. See `SearchDomainRole`.
`stateCode`	string		The two-letter, ISO 3166-2 country sub-division code for the state of residence (e.g., ny).
`permissions`	multiple	yes	Permissions of the user. The multiple datatype consists of (viewName: string): [UserPermissions]. See `UserPermissions`.
`permissionsPage`	multiple	yes	A page of user permissions. The multiple datatype consists of (search: string, pageNumber: integer, pageSize: integer): UserPermissionsPage. See `UserPermissionsPage`.
`rolesV2`	multiple		The roles assigned to the user through a group. This is a preview and subject to change. The multiple datatype consists of (search: string, typeFilter: [PermissionType], limit: integer, skip: integer, searchInGroups: boolean): RolesResultSetType. See `PermissionType`, and `RolesResultSetType`.
`username`	string	yes	The user name for the account.
`userOrGroupSearchDomainRoles`	multiple	yes	The user or group search domain roles. The multiple datatype consists of (search: string, skip: integer, limit: integer): UserOrGroupSearchDomainRoleResultSet. See `UserOrGroupSearchDomainRoleResultSet`.

GraphQL Mutation Fields

GraphQL Queries

GraphQL Datatypes