Template Management: Role Profile

Role Profile Template helps to divide the roles of the users according to their profiles. It is capable of applying settings to restrict certain users and to provide access to some.

API Calls

/V5/templates/ROLE_PROFILE

/V5/templates/{templateId}/ROLE_PROFILE

/V5/templates

/V5/templates/copy/{templateId}/ROLE_PROFILE

/V5/templates

/V5/templates/{tempalteId}/ROLE_PROFILE

Get All Role Profiles

Description Fetches the primary information about all role profiles for the specified location.
Who Can Execute? Superuser, Administrator, Operator, and Viewer.
Syntax
GET <Base_URL>/templates/ROLE_PROFILE?locationid=<value>&
minimalinforequired =<value>&fields=<value>&filter=<value>&fetchSubTreeTemplates=<value>
  • locationid

    Is used to specify location Id for which information is requested. It takes an integer
    value. To retrieve the value for location id refer Location call.

  • minimalinforequired

    Is used to retrieve minimal information. For false all attributes are populated
    else minimal information is retrieved. It takes a boolean value. It is a mandatory attribute.

  • fields

    List of selective fields which will be returned in the response. It takes String value.

  • fetchSubTreeTemplates

    If set to true, templates created above, at and below the given location will be returned. If false, only templates created above and at the given location will be returned. It takes a boolean value.

Sample code
GET https://training.mojonetworks.com/new/webservice/V5/templates/ROLE_PROFILE?locationid=1&minimalinforequired=true
Request Body This API call does not require any request body parameters.
Response Body If the API call is successful, the HTTP response status is 200.
The response body contains the detailed information about all role profiles for the specified location. The response is in the application/JSON format.

Get Details of a Role Profile

Description Fetches the complete details of a role profile.
Who Can Execute? Superuser, Administrator, Operator, and Viewer.
Syntax
GET <Base_URL>/templates/{templateId}/ROLE_PROFILE?locationid=<value>&fields=<value>
  • templateid

    It is Id to identify the template. It takes an integer value.

  • locationid

    Is used to specify location Id for which information is requested.
    It takes an integer value. To retrieve the value for location id refer Location call.

  • fields

    List of selective fields which will be returned in the response. It takes String value.

Sample code
GET https://training.mojonetworks.com/new/webservice/templates/4/ROLE_PROFILE?locationid=0
Request Body This API call does not require any request body parameters.
Response Body If the API call is successful, the HTTP response status is 200.
The response body contains detailed information of the specified role profile.
The response is in the application/JSON format.

Add a Role Profile

Description Adds a template at the specified location.
Who Can Execute? Superuser, Administrator, and Operator.
Syntax
PUT <Base_URL>/templates?locationid=<value>
  • locationid

    It is the parameter that specifies the location at which the template must be added.
    The parameter value is specified in the application/json format. To fetch the appropriate location ID you can use Locations call.

Sample code
PUT https://training.mojonetworks.com/new/webservice/V5/templates?
locationid=1
Request Body The API call requires the details of the Role Profile. You must provide the appropriate
values for the following mandatory attributes:

  • type
  • templateName
  • ssid
  • role
  • vlanEnabled/inheritFromSSID

A sample request body is as follows:

{
        "type": "roletemplate",
        "templateName": "test ssid",
        "ssid": "test ssid",
        "role": "Test Role",
        "vlanEnabled": true
}
Response Body If the API call is successful, the HTTP response status is 200.
The response body contains details of the newly created role profile. The response is in the application/json format.

Copy a Role Profile

Description Copies a role profile template at the specified location.
Who Can Execute? Superuser, Administrator, and Operator.
Syntax
PUT <Base_URL>/templates/copy/{templateId}ROLE_PROFILE/?locationid=<value>&nodeId=<value>
  • templateid

    Is the ID of the template. It takes an integer value.

  • locationid

    This takes an integer value specifying the location at which the template exists.
    To retrieve the value for location id refer Location call.

  • nodeid

    This takes an integer value specifying the node in a cluster deployment on which the location exists.

Sample code
PUT https://training.mojonetworks.com/new/webservice/V5/templates/copy/2/ROLE_PROFILE?
locationid=0&nodeid=1
Request Body This API call requires the details of the location to which the Network Interface Profile must be copied. The destination location information is passed as parameters in the request body.
The parameters are passed in the application/json format. You must provide appropriate values for the childId JSON attribute in the case of a cluster deployment.
A sample request body is as follows:

{

  "type": "locallocationid",
  "id": 2

}
Response Body If the API call is successful, the HTTP response status is 200.
The response body contains detailed information of the copied Role Profile. The response is in
the application/json format.

Edit a Role Profile

Description Modifies the details of the specified role profile template.
Who Can Execute? Superuser, Administrator, and Operator.
Syntax
POST <Base_URL>/templates
Sample code
POST https://training.mojonetworks.com/new/webservice/V5/templates
Request Body Parameters This API call requires the details of the role profile to be modified, which is passed as
parameters in the request body. The templateId attribute is generated by the system when you
add a template. To modify the template, you must provide the same system-generated
template ID. You must provide the appropriate values for the following mandatory attributes:

  • type
  • templateName
  • role
  • vlanEnabled/inheritFromSSID

A sample request body is as follows:

{
        "type": "roletemplate",
        "templateName": "test ssid1",
        "role": "Test Role",
        "vlanEnabled": true,
        "inheritFromSSID": false
}
Response Body If the API call is successful, the HTTP response status is 200.
The response body contains modified role profile details.
The response is in the application/json format.

Delete a Role Profile

Description Deletes the specified role profile template.
Who Can Execute? Superuser, Administrator, and Operator.
Syntax
DELETE <Base_URL>/templates/{templateId}/ROLE_PROFILE?locationid=<value>
  • templateid

    It is id to identify the template. It takes an integer value.

  • locationid

    Is used to specify location Id for which information is requested.
    It takes an integer value. To retrieve the value for location id refer Location call.

Sample code
DELETE  https://training.mojonetworks.com/new/webservice/V5/templates/47/ROLE_PROFILE
Request Body Parameters This API call does not require any request body parameters.
Response Body If the API call is successful, the HTTP response status is 204.
The response body does not contain any other information
JSON Table

Attribute Data Type Description
type String Template type. Applicable value is roletemplate.
templateId int System generated value to identify the template.
templateName String Name of the template.
createdAtLocationId application/json ID of location at which the template is created. The value is of the
type Location ID JSON.
description String For internal use only.
templateType String Template type. The applicable value is ROLE_PROFILE
mncTemplateId int System-generated ID of the template provided via the parent server
to the child server.
role String Role asigned to a user.
inheritFromSSID boolean True role profile configurations that are not defined will be inherited form SSID.
vlanEnabled boolean True indicates VLAN is enabled. If inheritFromSSID is set to true,
vlanEnabled must also be set to true.
vlanId int VLAN IDs available to user sessions on which the role is applied.
firewallEnabled boolean True indiactes firewall is enabled.
applicationFirewallEnabled boolean True indiactes application firewall is enabled.
firewallProfile application/json Firewall settings
firewallProfile/ssid int A read-only field for internal use.
firewallProfile/hostName String IP address or FQDN of a host for which the firewall rule applies.
firewallProfile/direction String Direction for which the firewall will be enabled. The applicable values
are:

  • 0 for ANY
  • 1 for IN
  • 2 for OUT
firewallProfile/protocol int Protocol. The applicable values:

0 for any (default value)
1 for TCP
2 for UDP
For any other protocol, set protocol value + 3. For example, if you
want to specify 22 for ssh, add 25.

firewallProfile/action int Actions to allow or block the traffic. The applicable values are:

1 for allow
2 for block

firewallProfile/port String Port number
firewallProfile/orderId int Order ID
firewallProfile/mncOid int System-generated unique ID of the firewall profile.
firewallProfile/markDirection String Direction of network traffic. The applicable values are:

  • To_wireless
  • To _wired.
  • Both
firewallProfile/dscpValue int Specifies the Differentiated Services Code Point (DSCP) value for
a firewall rule set.
firewallProfile/defaultRule boolean A true or false value indicating whether this is the default rule.
firewallProfile/oid int System-generated unique ID of the firewall rule.
firewallProfile/name String Name of the firewall rule.
applicationFirewallRules application/json Controls incoming and outgoing traffic for specifed applications.
applicationFirewallRules/orderId int Order ID
applicationFirewallRules/action String Actions to allow or block the traffic. The applicable values are:

1 for allow
2 for block

applicationFirewallRules/markDirection String Direction of network traffic. The applicable values are:

  • To_wireless
  • To _wired.
  • Both

 

applicationFirewallRules/dscpValue int Specifies the Differentiated Services Code Point (DSCP) value for
a application firewall rule set.
applicationFirewallRules/category String Category of application. Possible values are

  • Messaging
  • Mail
  • etc.
applicationFirewallRules/applicationIds int
applicationFirewallRules/ruleName String Name of the application firewall rule.
perUserTrafficControlEnabled boolean True indicates traffic control is enabled.
trafficControlDownloadLimit int Traffic control download limit
trafficControlDownloadLimitUnit int Bandwidth control download limit
trafficControlUploadLimitUnit int The possible values are:
0:kbps
1:mbps
trafficControlUploadLimit int Bandwidth control upload limit
redirection application/json Redirection settings
redirection/redirectUrl String Redirection URL
redirection/exemptedWebHostList String IP address that are to be exempted from redirection.
redirection/webQuarantineOption int
redirection/webQuarantineEnabled boolean
mnctemplate boolean True indicates this has been pushed by the parent server.

Sample JSON
{
	"type": "roletemplate",
	"templateId": 1,
	"templateName": "Test Role Profile",
	"createdAtLocationId": {
		"type": "locallocationid",
		"id": 0
	},
	"description": "",
	"templateType": "ROLE_PROFILE",
	"mncTemplateId": 0,
	"role": "Test Role",
	"inheritFromSSID": false,
	"vlanEnabled": true,
	"vlanId": 3,
	"firewallEnabled": true,
	"applicationFirewallEnabled": true,
	"firewallProfile": [{
		"ssid": 1,
		"hostName": "",
		"direction": 0,
		"protocol": 0,
		"action": 2,
		"port": "",
		"orderId": -1,
		"mncOid": 0,
		"markDirection": "TO_WIRELESS",
		"dscpValue": -100,
		"defaultRule": true,
		"oid": 1,
		"name": null
	}],
	"applicationFirewallRules": [{
		"orderId": 1,
		"action": "BLOCK",
		"markDirection": "TO_WIRELESS",
		"dscpValue": -100,
		"category": "File Transfer",
		"applicationIds": [102, 831],
		"ruleName": "test rule3"
	}],
	"perUserTrafficControlEnabled": true,
	"trafficControlDownloadLimit": 100,
	"trafficControlDownloadLimitUnit": 0,
	"trafficControlUploadLimitUnit": 0,
	"trafficControlUploadLimit": 100,
	"redirection": {
		"redirectUrl": "https://abc.com",
		"exemptedWebHostList": ["abc.com:80,443", "xyz.com:80,443"],
		"webQuarantineOption": 1,
		"webQuarantineEnabled": true
	},
	"mnctemplate": false
}