IAM in Service Catalog
Unknown compatibility. Contributed in 2008. For other PHP code samples see Sample Client Code for the similar Business Web Services.
This code sample uses the cURL and DOM libraries for PHP. The cURL library is not OO or anything, but cURL is common, fast, and supports the openSSL certs necessary for using the groups Web service.
The sample was written as a library, but I haven't implemented all of the methods of changing members that the Groups API supports. The sample also outputs information about what it's doing. I didn't add a way of disabling this in order to limit its applicability as a library out of the box.
The code sample instantiates the class groupsClient and calls a bunch of methods. They're in a sequence such that they create a group, run some queries on it, update it, and then delete it. Output is provided on these actions as they happen.
Here is the php source an HTML file containing the PHPDoc-generated documentation for the code sample.
I don't know if there is precedent for an "s" on the normal CRUD, but it seemed apropos here, so I added it.
For the create and update operations, I have an XML template that I begin with. The create method then adds the group names, updaters, creaters, and admins passed to the method by creating XML elements and appending them to the appropriate place in the template.
The finished XML string becomes the payload of the PUT request. This is done by creating a temp file containing the string, because that's how cURL wants it done. This doesn't seem very efficient to me, but that's how cURL wants it. The method also sets a Content-Length header to the size of the temp file.
Once the request is assembled, it is sent using a generalized request helper method called sendRequest.
Keep in mind that when you create a group, you might want to make the client you're using to create it an admin so that it can update the group.
This is a simple method. It's a basic call to the sendRequest method, and a bunch of code for processing the response XML from the groups server.
The parts of this method that process the response XML might be useful as examples for this sort of thing.
Used to check if a group has a specific member or members.
This is a simple method. The request is short and returns either an error or a list of members.
Another simple request, this tells you the members of a group.
This is implemented as a call to createGroup, but with an If-Match header set to the group you want to update before createGroup is called.
Keep in mind that when you update a group, you might want to make the client you're using to update it an admin so that it can update the group in the future.
This just adds a list of members to a group. The return is either an error or an "OK". You can use readGroupMembership to check the membership of the group after using this method.
Very simple, this just requests deletion of a group. Of course the client will need to have admin authorization on a group in order to delete it.
Exactly like addMembers, but deletes the list of members provided. Again, you must call readGroupMembership to check the group's membership.
The search method takes a key and a value. The key is what type of search you want to do (stem, member, type, or owner) and the value is the search string.