Skip to content

Home

Jump to bottom
Alexander Pilz edited this page May 24, 2019 · 1 revision

Welcome to the cws-python wiki!

Use Cases supported by the client

Management Processes

The following processes is part of the Management part of CWS.

Create Account

As the system administrator, I can add a new user - so that user can store encrypted files.

// CWS SOAP call to create a new User Account
addUser(adminCredential:bytes, userName:string, userCredential:bytes)
    // First, the data for the requesting user (must be the System Administrator)
    user = 'accountName="admin"'
    cred = 'credential=$adminCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="CREATE"'
    user = 'newAccountName=$userName'
    usercred = 'newAccountCredential=$userCredential'

    // Invoke the SOAP request to make CWS add the new user
    result = management.processMember($user, $cred, $credtype, $action, $user, $usercred)

    if result.returnCode == 200: // HTTP Success
        return result.memberId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, the Account already exists
  • 406: Verification warning, request is missing information
  • 500: Internal Error, if an unidentified problem occurred.

Create Circle

As a content editor, I can add a new workspace representing a new circle - so that all members of that workspace can read all files encrypted within that workspace.

// CWS SOAP call to create a new Circle
createCircle(userName:string, userCredential:bytes, name:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="CREATE"'
    circle = 'circleName=$name'

    // Invoke the SOAP request to make CWS add a new Circle
    result = management.processCircle($user, $cred, $credtype, $action, $circle)

    if result.returnCode == 200: // HTTP Success
        return result.circleId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, a Circle with this name already exists
  • 500: Internal Error, if an unidentified problem occurred.

Add Trustee

As a workspace admin, I can add a new user to my workspace - so that user is automatically in the circle.

// CWS SOAP call to add a Member to a Circle as a Trustee
addTrustee(userName:string, userCredential:bytes, circleId:string, memberId:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="ADD"'
    circle = 'circleId=$circleId'
    member = 'memberId=$memberId'
    trust = 'trustLevel="WRITE"' // set to ADMIN if the Trustee should also add/remove trustees

    // Invoke the SOAP request to make CWS add a Trustee
    result = management.processTrustee($user, $cred, $credtype, $action, $circle, $member, $trust)

    if result.returnCode != 200: // HTTP Warning/Error
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)

    return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, if the trustee already exists
  • 500: Internal Error, if an unidentified problem occurred.

Remove Trustee

As a workspace admin, I can remove a user from my workspace - so that user is no longer in the circle.

// CWS SOAP call to remove a Trustee
removeTrustee(userName:string, userCredential:bytes, circleId:string, memberId:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="REMOVE"'
    circle = 'circleId=$circleId'
    member = 'memberId=$memberId'

    // Invoke the SOAP request to make CWS remove the Trustee
    result = management.processTrustee($user, $cred, $credtype, $action, $circle, $member, $trust)

    if result.returnCode != 200: // HTTP Warning/Error
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)

    return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, if no such trustee exists
  • 500: Internal Error, if an unidentified problem occurred.

Share Processes

The following processes is part of the Share part of CWS.

Add Data

  • As a content editor in a workspace(having a circle), I can add an encrypted file to that workspace - so that all others can read that file but no-one else can read.
  • As the asynchronous worker, I am creating previews for a file in a delayed fashion using the original users credentials, which I also store encrypted - so that every user having access to the file also has access to the previews.
// CWS SOAP call to add data
addData(userName:string, userCredential:bytes, circleId:string, name:string, data:bytes)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="ADD"'
    circle = 'circleId=$circleId'
    dataname = 'dataName=$name'
    content = 'data=$bytes'

    // Invoke the SOAP request to make CWS add data
    result = share.processData($user, $cred, $credtype, $action, $circle, $dataname, $content)

    if result.returnCode == 200: // HTTP Success
        return result.dataId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Another record with the same name already exists.
  • 500: Internal Error, if an unidentified problem occurred.

Read Data

As a member of a workspace supporting encryption (having a circle), I can retrieve a crypted files in that workspace - to read it unencrypted.

// CWS SOAP call to read data
readData(userName:string, userCredential:bytes, dataId:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    id = 'dataId=$dataId'

    // Invoke the SOAP request to make CWS add data
    result = share.fetchData($user, $cred, $credtype, $id)

    if result.returnCode == 200: // HTTP Success
        return result.data
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Identitication warning, the requested Data Object could not be found - either the user is not permitted to work with the given Circle, or the Data Object has already been removed
  • 500: Internal Error, if an unidentified problem occurred.

Delete Data

As a member of a workspace supporting encryption, I can delete a file in that workspace - to remove it without any trace from everyones access.

// CWS SOAP call to delete data
deleteData(userName:string, userCredential:bytes, dataId:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=$userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="DELETE"'
    id = 'dataId=$dataId'

    // Invoke the SOAP request to make CWS delete data
    result = share.processData($user, $cred, $credtype, $action, $id)

    if result.returnCode == 200: // HTTP Success
        return result.dataId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Identitication warning, the requested Data Object could not be found - either the user is not permitted to work with the given Circle, or the Data Object has already been removed
  • 500: Internal Error, if an unidentified problem occurred.
Clone this wiki locally