SOAPUI method setOfferingPermission for CA Service Catalog

Document ID : KB000125364
Last Modified Date : 28/01/2019
Show Technical Document Details
Introduction:
SOAPUI method setOfferingPermission for CA Service Catalog
To set the correct permissions for an offering.
WEBservices wsdl: http://host:port/usm/services/CatalogService?wsdl
Method: setOfferingPermission
Question:
How to set permissions for an SC offering through (SOAPUI) webservices.
Environment:
Windows
Answer:
FYI:
Application groups should be given like the way it's shown i.e. groupname prefixed with 'ug:'. grp1 and grp2 are application groups.
Global groups can also be used. To use global groups prefix with gug: before group name.

Information and Examples:
<offeringID xsi:type="xsd:int">?</offeringID>
<aclInfo xsi:type="xsd:string">?</aclInfo>
<updateChildren xsi:type="xsd:boolean">?</updateChildren>
"businessunit:|groups:spadministrator|acgroups:|permits:L|appgroups:ug:grp1¬ug:grp2"
 businessunit:BUcat01|groups:spadministrator|acgroups:|permits:L|appgroups:ug:grp1¬ug:grp2 (for global group use gug:grp1)
 
MSSQL usm_offering:
10167 10153 Copy of Analog/Fax Line Analog/Fax Line Request
 
You may set the following properties and possible values 
for constructing the aclInfo string businessunit:<Leave it blank for the root business unit or define the sub business unit name>
 
groups:<Define the Service Catalog user roles that you want to grant the permission.
 You may use any of the role names,
 administrator
 catadministrator
 catalogenduser
 enduser
 requestmanager
 servicemanager
 spadministrator
 stadministrator
To assign multiple user roles, use ^ to separate them.>
  
acgroups:<You may simple leave this blank>

permits:<Use L for the listing permission>
 
appgroups:<Use gug as the prefix for the global groups or ug as the prefix for the application groups.
 Use ^ to separate each group if multiple groups are defined.
 You do not need this property if no group is required.>
 
In addition, you 
use a | to separate each property and value pair, 
and a ! to separate each individual set (different business unit or group)
 
Here are some examples. 
Based on these examples, you may modify them to fulfill your requirements.
To grant full permission to all user roles from the sub business unit, 
say, MySubBU
 businessunit:MySubBU|groups:administrator^catadministrator^catalogenduser
 ^enduser^requestmanager^servicemanager^spadministrator^stadministrator
 |acgroups:|permits:L
 
To grant full permission to requestmanager and servicemanager 
from the sub business unit, 
say, MySubBU
 businessunit:MySubBU|groups:requestmanager^servicemanager^spadministrator
 |acgroups:|permits:L
 
To grant full permission to all user roles from the root business unit 
and only to requestmanager, servicemanager, and spadministrator 
from the sub business, 
say, MySubBU
 businessunit:|groups:administrator^catadministrator^catalogenduser^enduser
 ^requestmanager^servicemanager^spadministrator^stadministrator
 |acgroups:|permits:L!businessunit:MySubBU|groups:requestmanager
 ^servicemanager^spadministrator|acgroups:|permits:L
 
To grant full permission to all user roles from the root business unit 
and only to requestmanager, servicemanager, and spadministrator 
from the sub business, 
say, MySubBU, 
and to grant full permission to the global groups, group1 and group2.
 businessunit:|groups:administrator^catadministrator^catalogenduser
 ^enduser^requestmanager^servicemanager^spadministrator^stadministrator
 |acgroups:|permits:L!businessunit:MySubBU
 |groups:requestmanager^servicemanager^spadministrator
 |acgroups:|permits:L!businessunit:|groups:|acgroups:|permits:L
 |appgroups:gug:group1^group2