-
Notifications
You must be signed in to change notification settings - Fork 0
Home
Welcome to the cws-python wiki!
The following processes is part of the Management part of CWS.
As the system administrator, I can add a new user - so that user can store encrypted files.
// CWS SOAP call to create a new User Account
addUser(adminCredential:bytes, userName:string, userCredential:bytes)
// First, the data for the requesting user (must be the System Administrator)
user = 'accountName="admin"'
cred = 'credential=$adminCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="CREATE"'
user = 'newAccountName=$userName'
usercred = 'newAccountCredential=$userCredential'
// Invoke the SOAP request to make CWS add the new user
result = management.processMember($user, $cred, $credtype, $action, $user, $usercred)
if result.returnCode == 200: // HTTP Success
return result.memberId
else
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Constraint warning, the Account already exists
- 406: Verification warning, request is missing information
- 500: Internal Error, if an unidentified problem occurred.
As a content editor, I can add a new workspace representing a new circle - so that all members of that workspace can read all files encrypted within that workspace.
// CWS SOAP call to create a new Circle
createCircle(userName:string, userCredential:bytes, name:string)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="CREATE"'
circle = 'circleName=$name'
// Invoke the SOAP request to make CWS add a new Circle
result = management.processCircle($user, $cred, $credtype, $action, $circle)
if result.returnCode == 200: // HTTP Success
return result.circleId
else
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Constraint warning, a Circle with this name already exists
- 500: Internal Error, if an unidentified problem occurred.
As a workspace admin, I can add a new user to my workspace - so that user is automatically in the circle.
// CWS SOAP call to add a Member to a Circle as a Trustee
addTrustee(userName:string, userCredential:bytes, circleId:string, memberId:string)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="ADD"'
circle = 'circleId=$circleId'
member = 'memberId=$memberId'
trust = 'trustLevel="WRITE"' // set to ADMIN if the Trustee should also add/remove trustees
// Invoke the SOAP request to make CWS add a Trustee
result = management.processTrustee($user, $cred, $credtype, $action, $circle, $member, $trust)
if result.returnCode != 200: // HTTP Warning/Error
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Constraint warning, if the trustee already exists
- 500: Internal Error, if an unidentified problem occurred.
As a workspace admin, I can remove a user from my workspace - so that user is no longer in the circle.
// CWS SOAP call to remove a Trustee
removeTrustee(userName:string, userCredential:bytes, circleId:string, memberId:string)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="REMOVE"'
circle = 'circleId=$circleId'
member = 'memberId=$memberId'
// Invoke the SOAP request to make CWS remove the Trustee
result = management.processTrustee($user, $cred, $credtype, $action, $circle, $member, $trust)
if result.returnCode != 200: // HTTP Warning/Error
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Constraint warning, if no such trustee exists
- 500: Internal Error, if an unidentified problem occurred.
The following processes is part of the Share part of CWS.
- As a content editor in a workspace(having a circle), I can add an encrypted file to that workspace - so that all others can read that file but no-one else can read.
- As the asynchronous worker, I am creating previews for a file in a delayed fashion using the original users credentials, which I also store encrypted - so that every user having access to the file also has access to the previews.
// CWS SOAP call to add data
addData(userName:string, userCredential:bytes, circleId:string, name:string, data:bytes)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="ADD"'
circle = 'circleId=$circleId'
dataname = 'dataName=$name'
content = 'data=$bytes'
// Invoke the SOAP request to make CWS add data
result = share.processData($user, $cred, $credtype, $action, $circle, $dataname, $content)
if result.returnCode == 200: // HTTP Success
return result.dataId
else
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Another record with the same name already exists.
- 500: Internal Error, if an unidentified problem occurred.
As a member of a workspace supporting encryption (having a circle), I can retrieve a crypted files in that workspace - to read it unencrypted.
// CWS SOAP call to read data
readData(userName:string, userCredential:bytes, dataId:string)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
id = 'dataId=$dataId'
// Invoke the SOAP request to make CWS add data
result = share.fetchData($user, $cred, $credtype, $id)
if result.returnCode == 200: // HTTP Success
return result.data
else
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Identitication warning, the requested Data Object could not be found - either the user is not permitted to work with the given Circle, or the Data Object has already been removed
- 500: Internal Error, if an unidentified problem occurred.
As a member of a workspace supporting encryption, I can delete a file in that workspace - to remove it without any trace from everyones access.
// CWS SOAP call to delete data
deleteData(userName:string, userCredential:bytes, dataId:string)
// First, the data for the requesting user
user = 'accountName=$userName'
cred = 'credential=$userCredential'
credtype = 'credentialType="PASSPHRASE"'
// Now the request specific details
action = 'action="DELETE"'
id = 'dataId=$dataId'
// Invoke the SOAP request to make CWS delete data
result = share.processData($user, $cred, $credtype, $action, $id)
if result.returnCode == 200: // HTTP Success
return result.dataId
else
// Warning: 4xx: Request problem, see return message for details
// Error 5xx: Internal CWS problem, may require Administrator support)
log.error(result.returnMessage)
return None
Return Codes:
- 200: Success
- 401: Authorization warning, the requesting user could not be found
- 403: Authentication warning, the request is not permitted for the requesting user
- 404: Identitication warning, the requested Data Object could not be found - either the user is not permitted to work with the given Circle, or the Data Object has already been removed
- 500: Internal Error, if an unidentified problem occurred.