|
| 1 | +#### |
| 2 | +# This script demonstrates how to query for permissions using TSC |
| 3 | +# To run the script, you must have installed Python 3.7 or later. |
| 4 | +# |
| 5 | +# Example usage: 'python query_permissions.py -s https://10ax.online.tableau.com --site |
| 6 | +# devSite123 -u tabby@tableau.com b4065286-80f0-11ea-af1b-cb7191f48e45' |
| 7 | +#### |
| 8 | + |
| 9 | +import argparse |
| 10 | +import logging |
| 11 | + |
| 12 | +import tableauserverclient as TSC |
| 13 | + |
| 14 | + |
| 15 | +def main(): |
| 16 | + parser = argparse.ArgumentParser(description="Query permissions of a given resource.") |
| 17 | + # Common options; please keep those in sync across all samples |
| 18 | + parser.add_argument("--server", "-s", help="server address") |
| 19 | + parser.add_argument("--site", "-S", help="site name") |
| 20 | + parser.add_argument("--token-name", "-p", help="name of the personal access token used to sign into the server") |
| 21 | + parser.add_argument("--token-value", "-v", help="value of the personal access token used to sign into the server") |
| 22 | + parser.add_argument( |
| 23 | + "--logging-level", |
| 24 | + "-l", |
| 25 | + choices=["debug", "info", "error"], |
| 26 | + default="error", |
| 27 | + help="desired logging level (set to error by default)", |
| 28 | + ) |
| 29 | + parser.add_argument("resource_id") |
| 30 | + |
| 31 | + args = parser.parse_args() |
| 32 | + # Convert Namespace to dictionary |
| 33 | + args_dict = vars(args) |
| 34 | + |
| 35 | + # Format the dictionary as a string |
| 36 | + args_str = ', '.join(f'{key}={value}' for key, value in args_dict.items()) |
| 37 | + |
| 38 | + print(args_str) |
| 39 | + # Set logging level based on user input, or error by default |
| 40 | + logging_level = getattr(logging, args.logging_level.upper()) |
| 41 | + logging.basicConfig(level=logging_level) |
| 42 | + |
| 43 | + # Sign in |
| 44 | + tableau_auth = TSC.PersonalAccessTokenAuth(args.token_name, args.token_value, site_id=args.site) |
| 45 | + server = TSC.Server(args.server, use_server_version=True) |
| 46 | + with server.auth.sign_in(tableau_auth): |
| 47 | + # Mapping to grab the handler for the user-inputted resource type |
| 48 | + # endpoint = { |
| 49 | + # "workbook": server.workbooks, |
| 50 | + # "datasource": server.datasources, |
| 51 | + # "flow": server.flows, |
| 52 | + # "table": server.tables, |
| 53 | + # "database": server.databases, |
| 54 | + # }.get("datasource") |
| 55 | + endpoint = server.datasources |
| 56 | + |
| 57 | + # Get the resource by its ID |
| 58 | + resource = endpoint.get_by_id(args.resource_id) |
| 59 | + |
| 60 | + # Populate permissions for the resource |
| 61 | + endpoint.populate_permissions(resource) |
| 62 | + permissions = resource.permissions |
| 63 | + |
| 64 | + # Print result |
| 65 | + print(f"\n{len(permissions)} permission rule(s) found for workbook {args.resource_id}.") |
| 66 | + |
| 67 | + for permission in permissions: |
| 68 | + grantee = permission.grantee |
| 69 | + capabilities = permission.capabilities |
| 70 | + print(f"\nCapabilities for {grantee.tag_name} {grantee.id}:") |
| 71 | + |
| 72 | + for capability in capabilities: |
| 73 | + print(f"\t{capability} - {capabilities[capability]}") |
| 74 | + |
| 75 | + |
| 76 | +if __name__ == "__main__": |
| 77 | + main() |
| 78 | + |
| 79 | + |
0 commit comments