Skip to content
This repository was archived by the owner on May 24, 2019. It is now read-only.

Home

Jump to bottom
Kim Jensen edited this page Jul 26, 2018 · 11 revisions

Welcome to the cws-python wiki!

Use Cases supported by the client

Create Account

As the system administrator, I can add a new user - so that user can store encrypted files.

// CWS SOAP call to create a new User Account
addUser(adminCredential:bytes, userName:string, userCredential:bytes)
    // First, the data for the requesting user (must be the System Administrator)
    user = 'accountName="admin"'
    cred = 'credential=adminCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="CREATE"'
    user = 'newAccountName=$userName'
    usercred = 'newAccountCredential=$userCredential'

    // Invoke the SOAP request to make CWS add the new user
    result = management.processMember(user, cred, credtype, action, user, usercred)

    if result.returnCode == 200: // HTTP Success
        return result.memberId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, the account already exists
  • 406: Verification warning, request is missing information

Create Circle

As a content editor, I can add a new workspace representing a new circle - so that all members of that workspace can read all files encrypted within that workspace.

// CWS SOAP call to create a new Circle
createCircle(userName:string, userCredential:bytes, name:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="CREATE"'
    circle = 'circleName=$name'

    // Invoke the SOAP request to make CWS add a new Circle
    result = management.processCircle(user, cred, credtype, action, circle)

    if result.returnCode == 200: // HTTP Success
        return result.circleId
    else
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)
        return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, a Circle with this name already exists

Add Trustee

As a workspace admin, I can add a new user to my workspace - so that user is automatically in the circle.

// CWS SOAP call to add a Member to a Circle as a Trustee
addTrustee(userName:string, userCredential:bytes, circleId:string, memberId:string)
    // First, the data for the requesting user
    user = 'accountName=$userName'
    cred = 'credential=userCredential'
    credtype = 'credentialType="PASSPHRASE"'

    // Now the request specific details
    action = 'action="ADD"'
    circle = 'circleId=$circleId'
    member = 'memberId=$memberId'
    trust = 'trustLevel="WRITE"' // set to ADMIN if the Trustee should also add/remove trustees

    // Invoke the SOAP request to make CWS add a Trustee
    result = management.processTrustee(user, cred, credtype, action, circle, member, trust)

    if result.returnCode != 200: // HTTP Warning/Error
        // Warning: 4xx: Request problem, see return message for details
        // Error 5xx: Internal CWS problem, may require Administrator support)
        log.error(result.returnMessage)

    return None

Return Codes:

  • 200: Success
  • 401: Authorization warning, the requesting user could not be found
  • 403: Authentication warning, the request is not permitted for the requesting user
  • 404: Constraint warning, if the trustee already exists

As a workspace admin, I can remove a user from my workspace so that user is no longer in the circle.

As a content editor in a workspace(having a circle) I can add a crypted file to that workspace so that all others can read that file but noone else

As the asyncronous worker I am creating previews for a file in a delayed fashion using the original users credentials which I also store crypted so that every user having access to the file also has access to the previews.

As a member of a workspace supporting encryption (having a circle) I can retrieve a crypted files in that workspace to read it unencrypted.

As a member of a workspace supporting encryption I can delete a file in that workspace to remove it without any trace from everyones access.

Clone this wiki locally