User specific data

irtaza9

I want to retrieve user data by calling an API using an admin API token for all requests. With this token, I want to fetch data for individual users that I have created on XO.

Token: Admin privileges
Medium: REST APIs
Users: User1, User2

I want to pass the username of the desired user and receive their corresponding data in the response.

olivierlambert

Hi,

Pinging @MathieuRA

Danp

@irtaza9 What have you tried? Do you have the token already generated?

Here's an example of retrieving user information generated from Postman --

curl --location '192.168.1.xx/rest/v0/users/3b480e98-af4e-4dbf-xxxx-29ac59d6364f' \
--header 'Cookie: authenticationToken=Xqi6ERHsu7I9-xxxx-joJ-tYogiXhPZgM06lioO3EGo'

{
  "id": "3b480e98-af4e-4dbf-xxxx-29ac59d6364f",
  "email": "admin@admin.net",
  "groups": [],
  "permission": "admin",
  "preferences": {
    "filters": {
      "VM": {
        "> 2 snapshots": "snapshots:length:>2",
        "Autostart Off": "!other:auto_poweron:\"true\" ",
        "Deletion blocked": "blockedOperations:destroy:true",
        "< 2GB memory": "memory:size:<2147483648",
        "No HA": "high_availability:\"\"",
        "Windows VMs": "os_version:name: windows",
        "Backup Group": "power_state:running tags:/^backup$/",
        "UEFI firmware": "boot:firmware:uefi"
      },
      "host": {
        "More than 10 running VMs": "residentVms:length:>10",
        "Reboot required": "rebootRequired?"
      },
      "SR": {
        "Hide UDEV": "!\"SR_type\":\"udev\""
      }
    },
    "defaultHomeFilters": {
      "SR": "Hide UDEV"
    },
    "sshKeys": [
      {
        "title": "xxx@gmail.com",
        "key": "ssh-ed25519 xxx+6+DL+WUPZT1L xxx@gmail.com"
      }
    ]
  },
  "authentication_tokens_href": "/rest/v0/users/3b480e98-af4e-4dbf-9f1e-29ac59d6364f/authentication_tokens",
  "groups_href": "/rest/v0/users/3b480e98-af4e-4dbf-9f1e-29ac59d6364f/groups"
}

irtaza9

@Danp

This is not what I'm looking for, /users endpoint will give you info about the users but I want to extract the vms of the user by using admin token. If you need more info, I will provide you.

Danp

@irtaza9 Yes, I suggest that you provide a better description of what you want to achieve because I read your original post as wanting to retrieve information of specific users ("corresponding data"), not pulling a list of VMs associated with a user ("extract the vms of the user").

Please explain how the VMs are tied to a specific user or group. How are you identifying this in XO?

irtaza9

@Danp

rn in XO each user can create VMs. When user logged In to the XO he see the list of vms or he uses the token then he fetches the vms via apis. But In my case I want to fetch the vms of other users by using the admin account token.

I have created a resource group in self service and add newly created user to that resource group.

login as test.irtaza : I created a vm in that resource set.

Now I want to fetch the vms of test.irtaza by using the token of admin account.

Danp

So you want to retrieve information related to the Self Service portal, correct?

he uses the token then he fetches the vms via apis.

Can you elaborate on this? What specific API is the user calling to retrieve this information?

irtaza9

@Danp yes we are testing self service.

Can you elaborate on this? What specific API is the user calling to retrieve this information?

we want to retrieve and perform these > vm list, vm stats, console, actions etc

we do not want to using each user token to access their objects. we want a single point to get the data

Danp

@irtaza9 I'm not sure if this is currently possible with the REST API.

irtaza9

@Danp said in User specific data:

currently possible with the REST API.

can we do this using JSON-RPC?

Danp

@irtaza9 Yes, I imagine that is what XO is using. Calling resourceSet.get will return an array of objects associated with the resource set as well as an array of subjects (users / groups).

irtaza9

@Danp

I have two users test.irtaza, testirtaza1 in a resource set named customer. And when login any of the account this is the output of resourceSet.getAll

login via test.irtaza

{
    "id": -9007199254740984,
    "jsonrpc": "2.0",
    "result": [
        {
            "id": "V7Gr0uoqGwE",
            "ipPools": [],
            "limits": {
                "cpus": {
                    "usage": 1
                },
                "disk": {
                    "usage": 10737418240
                },
                "memory": {
                    "usage": 4294967296
                },
                "vms": {
                    "usage": 1
                }
            },
            "name": "customer",
            "objects": [
                "d4515c45-71ca-7675-ea70-0fe0a8f7dbe4-7aa32be8-a06c-4ade-8a1d-49e51e03e9d2",
                "d4515c45-71ca-7675-ea70-0fe0a8f7dbe4-09d6b4cc-dd4b-4619-aacb-01576ccd5b0f",
                "20e6d987-f8cb-d1b6-2b49-744a87358ae3",
                "ca780b00-fd77-4a2a-fbb2-6f2859e6b4a7"
            ],
            "subjects": [
                "78f3286b-f4a1-4ba5-80a4-bda4967d47a8"
            ],
            "shareByDefault": false,
            "tags": []
        }
    ]
}

login via testirtaza1

{
    "id": -9007199254740984,
    "jsonrpc": "2.0",
    "result": [
        {
            "id": "V7Gr0uoqGwE",
            "ipPools": [],
            "limits": {
                "cpus": {
                    "usage": 2
                },
                "disk": {
                    "usage": 21474836480
                },
                "memory": {
                    "usage": 8589934592
                },
                "vms": {
                    "usage": 2
                }
            },
            "name": "customer",
            "objects": [
                "d4515c45-71ca-7675-ea70-0fe0a8f7dbe4-7aa32be8-a06c-4ade-8a1d-49e51e03e9d2",
                "d4515c45-71ca-7675-ea70-0fe0a8f7dbe4-09d6b4cc-dd4b-4619-aacb-01576ccd5b0f",
                "20e6d987-f8cb-d1b6-2b49-744a87358ae3",
                "ca780b00-fd77-4a2a-fbb2-6f2859e6b4a7"
            ],
            "subjects": [
                "78f3286b-f4a1-4ba5-80a4-bda4967d47a8",
                "f2858952-b02a-403a-98ca-d94e4cdaa57e"
            ],
            "shareByDefault": false,
            "tags": []
        }
    ]
}

is the array of subjects are the users and array of objects are those things which these subjects have access on?

Also

session.signIn method returns the id of user

{
    "id": -9007199254740991,
    "jsonrpc": "2.0",
    "result": {
        "id": "f2858952-b02a-403a-98ca-d94e4cdaa57e",
        "email": "testirtaza1",
        "groups": [],
        "permission": "none",
        "preferences": {}
    }
}

and, acl.getCurrentPermissions method returns those things which belongs to the current loggedIn user?

to call acl.getCurrentPermissions method we have signin by the user credentials(username,password/token)

{
    "id": -9007199254740711,
    "jsonrpc": "2.0",
    "result": {
        "58fdee6c-ed56-8a83-31d5-505748165658": {
            "view": 1,
            "operate": 1,
            "administrate": 1
        },
        "89fd8cc9-6fa1-a7cb-a492-19eefd689631": {
            "view": 1,
            "operate": 1,
            "administrate": 1
        }
    }
}

means I have to create the user first then store these credentials at my space so that I can call acl.getCurrentPermissions method and get his VM's and then list those vm's to my portal and allow him to manage their vms from my custom built portal? Is my thinking is correct?

Danp

@irtaza9 IDK. Maybe @julien-f will have some ideas on the best way to do this.

MathieuRA

Hi @irtaza9
FYI, for about 2 years, VMs expose a creation field:

"creation": {
    "date": string,
    "template": string,
    "user": string
  },

With this you can filter VMs by creation.user to list only VMs created by a user.
/rest/v0/vms?filter=creation:user:<user-id>

irtaza9

@MathieuRA

you saved my life bro, thank you so much. I got the right way.

olivierlambert

Is your issue solved @irtaza9 ?

irtaza9

@MathieuRA endpoint is not returning vms created by user but that user have vms and it's shown in XO when login by testirtaza1 user.

MathieuRA

@irtaza9 you need to use the user-id, not the username

irtaza9

@MathieuRA

user-id

bg: when you call session.signIn you get the user-id and that id is used to fetch user specific vms.

{
    "id": -9007199254740991,
    "jsonrpc": "2.0",
    "result": {
        "id": "f2858952-b02a-403a-98ca-d94e4cdaa57e",
        "email": "testirtaza1",
        "groups": [],
        "permission": "none",
        "preferences": {}
    }
}

@olivierlambert yes, issue is resolved. Thanks to @MathieuRA and @Danp