RoleAssignments
Create, delete, and query roles assigned to users.
Table Specific Information
Select
To get a list of all the roles assigned to users, the CustomerId column is required. If not specified, the CustomerId of the current account will be used. The driver processes other queries client-side in memory.
For example, the following query is processed server side by the Google Directory APIs:
SELECT * FROM RoleAssignments
Insert
To assign a role to a user, the following columns are required: RoleId, UserId, ScopeType, and CustomerId. If not specified, the CustomerId of the current account will be used.
ScopeType has only two acceptable values : CUSTOMER and ORG_UNIT.
INSERT INTO RoleAssignments (RoleId, UserId, ScopeType) VALUES ('12345', '123456', 'CUSTOMER')
Update
Updates are not supported for this table.
Delete
To remove an assigned role from a user, the Id and CustomerId columns are required. If not specified, the CustomerId of the current account will be used.
DELETE FROM RoleAssignments WHERE Id = '12345'
Columns
Name | Type | ReadOnly | Description |
Id [KEY] | String | True |
The unique identifier of the role assignment. |
RoleId | String | False |
The Id of the role that is assigned. |
UserId | String | False |
The Id of the user this role is assigned to. |
OrgUnitId | String | False |
If the role is restricted to an organizational unit, this contains the ID for the organizational unit the exercise of this role is restricted to. |
ScopeType | String | False |
The scope in which this role is assigned. Acceptable values are |
Etag | String | True |
Etag of the resource. |
Pseudo-Columns
Pseudo column fields are used in the WHERE clause of SELECT statements and offer a more granular control over the tuples that are returned from the data source.
Name | Type | Description |
CustomerId | String |
Id of the customer |