
Role Creation using GraphiQL

Mitchell Paul-Soumis Updated by Mitchell Paul-Soumis

In our User Role Creation & Best Practices article, we introduced you to one of the ways you could create new roles and set their permissions. While using the in-app interface is perfectly serviceable, we also offer the ability to create these roles using the GraphQL API through the GraphiQL interface, available in your instance by accessing [your instance url]/graphiql.

If you aren't familiar with GraphiQL, see our introductory article: How To Use GraphiQL to Understand the Sonar API.

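Below, we'll provide some example roles, their permissions, and the mutations and parameters needed to create each role using GraphiQL. Treat the permission lists as starting points: some include financially sensitive permissions such as REFUND_PAYMENTS and REVERSE_ACCOUNT_TRANSACTIONS, so review each list and remove anything the role does not need before running the mutation.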

Support Agent

Mutation

# Creates the role described by the "supportAgent" object in the Parameters JSON.
# The variable name ($supportAgent) must match that top-level key exactly,
# otherwise the input is not bound to the mutation.
mutation ($supportAgent: CreateRoleMutationInput) {
  createRole(input: $supportAgent) {
    # Return the new role's id and name so you can confirm what was created.
    id
    name
  }
}

Parameters

{
"supportAgent": {
"name": "Support Agent",
"applied_permissions": [
"READ_ALL_INVENTORY",
"ASSIGN_ACCOUNT_INVENTORY",
"MODIFY_ACCOUNT_SERVICES",
"UPDATE_ACCOUNT_SERVICE_PARAMETERS",
"UPDATE_ACCOUNT_BILLING_PARAMETERS",
"CREATE_ACCOUNT_TRANSACTIONS",
"READ_ACCOUNT_TRANSACTIONS",
"UPDATE_ACCOUNT_TRANSACTIONS",
"REVERSE_ACCOUNT_TRANSACTIONS",
"CREATE_ACCOUNT",
"READ_ACCOUNT",
"UPDATE_ACCOUNT",
"READ_ACCOUNT_GROUP",
"READ_ACCOUNT_STATUS",
"READ_ACCOUNT_TYPE",
"CREATE_SERVICEABLE_ADDRESS",
"READ_ADDRESS_LIST",
"READ_SERVICEABLE_ADDRESS",
"READ_BILLING_DEFAULT",
"READ_CALL_LOG",
"READ_CANNED_REPLY",
"CREATE_CALL_LOG",
"UPDATE_CALL_LOG",
"UPDATE_CANNED_REPLY",
"CREATE_CANNED_REPLY",
"CREATE_CONTACT",
"UPDATE_CONTACT",
"DELETE_CONTACT",
"READ_CONTRACT",
"CREATE_CUSTOM_FIELD",
"READ_CUSTOM_FIELD",
"UPDATE_CUSTOM_FIELD",
"DELETE_CUSTOM_FIELD",
"READ_DATA_USAGE_HISTORY",
"UPDATE_DATA_USAGE_HISTORY",
"CREATE_EMAIL_MESSAGE",
"READ_EMAIL_MESSAGE",
"UPDATE_EMAIL_MESSAGE",
"CREATE_INVENTORY_ITEM",
"UPDATE_INVENTORY_ITEM",
"DELETE_INVENTORY_ITEM",
"READ_JOB",
"UPDATE_JOB",
"CREATE_JOB",
"DELETE_JOB",
"READ_JOB_TYPE",
"READ_MASS_EMAIL",
"READ_NETWORK_SITE",
"CREATE_NOTE",
"UPDATE_NOTE",
"DELETE_NOTE",
"READ_PACKAGE",
"UPDATE_PACKAGE",
"CREATE_PACKAGE",
"READ_PAYMENT_PROCESSOR",
"CREATE_PAYMENT_METHOD",
"READ_PAYMENT_METHOD",
"UPDATE_PAYMENT_METHOD",
"DELETE_PAYMENT_METHOD",
"CREATE_PAYMENT",
"READ_RADIUS_ACCOUNT",
"CREATE_RADIUS_ACCOUNT",
"UPDATE_RADIUS_ACCOUNT",
"READ_SCHEDULED_EVENT",
"UPDATE_SCHEDULED_EVENT",
"CREATE_SCHEDULED_EVENT",
"READ_SERVICE",
"READ_TICKET",
"CREATE_TICKET",
"UPDATE_TICKET",
"READ_TICKET_CATEGORY",
"CREATE_FILE",
"UPDATE_FILE",
"DELETE_FILE",
"READ_FILE",
"REFUND_PAYMENTS",
"CREATE_DATA_USAGE_TOP_OFF",
"READ_INBOUND_MAILBOX"
]
}
}

Sales Agent

Mutation

# Creates the role described by the "salesAgent" object in the Parameters JSON.
# The variable name ($salesAgent) must match that top-level key exactly,
# otherwise the input is not bound to the mutation.
mutation ($salesAgent: CreateRoleMutationInput) {
  createRole(input: $salesAgent) {
    # Return the new role's id and name so you can confirm what was created.
    id
    name
  }
}

Parameters

{
"salesAgent": {
"name": "Sales Agent",
"applied_permissions": [
"ASSIGN_ACCOUNT_INVENTORY",
"READ_ALL_INVENTORY",
"MODIFY_ACCOUNT_SERVICES",
"UPDATE_ACCOUNT_SERVICE_PARAMETERS",
"UPDATE_ACCOUNT_BILLING_PARAMETERS",
"CREATE_ACCOUNT_TRANSACTIONS",
"READ_ACCOUNT_TRANSACTIONS",
"UPDATE_ACCOUNT_TRANSACTIONS",
"REVERSE_ACCOUNT_TRANSACTIONS",
"CREATE_ACCOUNT",
"READ_ACCOUNT",
"UPDATE_ACCOUNT",
"READ_ACCOUNT_GROUP",
"READ_ACCOUNT_STATUS",
"READ_ACCOUNT_TYPE",
"CREATE_SERVICEABLE_ADDRESS",
"READ_SERVICEABLE_ADDRESS",
"UPDATE_SERVICEABLE_ADDRESS",
"DELETE_SERVICEABLE_ADDRESS",
"READ_CALL_LOG",
"CREATE_CALL_LOG",
"UPDATE_CALL_LOG",
"READ_CANNED_REPLY",
"CREATE_CONTACT",
"UPDATE_CONTACT",
"DELETE_CONTACT",
"READ_CONTRACT",
"UPDATE_CONTRACT",
"CREATE_CONTRACT",
"DELETE_CONTRACT",
"READ_CONTRACT_TEMPLATE",
"READ_CUSTOM_FIELD",
"CREATE_FILE",
"UPDATE_FILE",
"READ_FILE",
"READ_JOB",
"UPDATE_JOB",
"CREATE_JOB",
"DELETE_JOB",
"READ_JOB_TYPE",
"CREATE_NOTE",
"UPDATE_NOTE",
"DELETE_NOTE",
"READ_PACKAGE",
"READ_PAYMENT_PROCESSOR",
"CREATE_PAYMENT_METHOD",
"READ_PAYMENT_METHOD",
"UPDATE_PAYMENT_METHOD",
"DELETE_PAYMENT_METHOD",
"CREATE_PAYMENT",
"READ_RADIUS_ACCOUNT",
"CREATE_RADIUS_ACCOUNT",
"UPDATE_RADIUS_ACCOUNT",
"READ_SCHEDULED_EVENT",
"UPDATE_SCHEDULED_EVENT",
"CREATE_SCHEDULED_EVENT",
"READ_SERVICE",
"READ_TICKET",
"CREATE_TICKET",
"UPDATE_TICKET",
"READ_TICKET_CATEGORY",
"UPDATE_ACCOUNT_LINK",
"REFUND_PAYMENTS"
]
}
}

Field Technician

These are also the minimum role permissions expected for any user who uses the Sonar field app.

Mutation

# Creates the role described by the "fieldTech" object in the Parameters JSON.
# The variable name ($fieldTech) must match that top-level key exactly,
# otherwise the input is not bound to the mutation.
mutation ($fieldTech: CreateRoleMutationInput) {
  createRole(input: $fieldTech) {
    # Return the new role's id and name so you can confirm what was created.
    id
    name
  }
}

Parameters

{
"fieldTech": {
"name": "Field Technician",
"applied_permissions": [
"UPDATE_TASK",
"CREATE_NOTE",
"UPDATE_NOTE",
"DELETE_NOTE",
"READ_FILE",
"CREATE_FILE",
"UPDATE_FILE",
"DELETE_FILE",
"CHECK_IN_OWN_JOB",
"COMPLETE_OWN_JOB",
"READ_DATA_USAGE_HISTORY",
"MODIFY_ACCOUNT_SERVICES",
"CREATE_PAYMENT_METHOD",
"CREATE_ACCOUNT_TRANSACTIONS",
"CREATE_PAYMENT",
"ASSIGN_ACCOUNT_INVENTORY",
"CREATE_IP_ASSIGNMENT",
"CREATE_RADIUS_ACCOUNT",
"CREATE_SNMP_OVERRIDE",
"READ_ACCOUNT",
"READ_PAYMENT_METHOD",
"READ_ACCOUNT_TRANSACTIONS",
"READ_ALL_INVENTORY",
"READ_IP_ASSIGNMENT",
"READ_RADIUS_ACCOUNT",
"READ_SNMP_OVERRIDE",
"UPDATE_ACCOUNT",
"UPDATE_PAYMENT_METHOD",
"UPDATE_ACCOUNT_TRANSACTIONS",
"UPDATE_CONTACT",
"UPDATE_IP_ASSIGNMENT",
"UPDATE_RADIUS_ACCOUNT",
"DELETE_PAYMENT_METHOD",
"DELETE_ACCOUNT_TRANSACTIONS",
"DELETE_CONTACT",
"DELETE_IP_ASSIGNMENT",
"DELETE_RADIUS_ACCOUNT",
"UPDATE_SNMP_OVERRIDE",
"DELETE_SNMP_OVERRIDE",
"UPDATE_INVENTORY_ITEM",
"READ_NETWORK_SITE",
"READ_ADDRESS_LIST",
"READ_NETWORK_MONITORING_TEMPLATE",
"READ_POLLER",
"READ_ALERTING_ROTATION",
"READ_JOB",
"UPDATE_JOB",
"READ_TICKET",
"UPDATE_TICKET",
"READ_SERVICE",
"UPDATE_SERVICE",
"READ_SERVICEABLE_ADDRESS",
"UPDATE_SERVICEABLE_ADDRESS",
"READ_INLINE_DEVICE",
"UPDATE_NETWORK_SITE",
"READ_PACKAGE",
"READ_PHONE_NUMBER_TYPE",
"READ_DHCP_SERVER",
"COMPLETE_OTHERS_TASKS",
"READ_SCHEDULED_EVENT",
"READ_CONTRACT",
"READ_CALL_LOG",
"CREATE_TICKET",
"UPDATE_DRIVERS"
]
}
}

Customer Portal User

Mutation

# Creates the role described by the "customer_portal" object in the Parameters JSON.
# The variable name ($customer_portal) must match that top-level key exactly,
# otherwise the input is not bound to the mutation.
mutation createRole($customer_portal: CreateRoleMutationInput) {
  createRole(input: $customer_portal) {
    # Only the role's name is selected here, so the response will not include its id.
    name
  }
}

Parameters

{
"customer_portal"
:
{
"name": "Customer Portal",
"applied_permissions": [
"READ_DATA_USAGE_HISTORY",
"CREATE_TICKET",
"READ_TICKET",
"UPDATE_TICKET",
"CREATE_PAYMENT_METHOD",
"CREATE_PAYMENT",
"READ_ACCOUNT",
"READ_PAYMENT_METHOD",
"READ_ACCOUNT_TRANSACTIONS",
"READ_CONTRACT",
"UPDATE_PAYMENT_METHOD",
"UPDATE_ACCOUNT_TRANSACTIONS",
"UPDATE_CONTACT",
"UPDATE_CONTRACT",
"DELETE_PAYMENT_METHOD",
"CREATE_ACCOUNT_TRANSACTIONS",
"READ_INVOICE_ATTACHMENT",
"READ_INVOICE_MESSAGE",
"READ_SERVICE",
"CREATE_DATA_USAGE_TOP_OFF",
"READ_PACKAGE",
"MODIFY_ACCOUNT_SERVICES",
"READ_PAYMENT_PROCESSOR",
"UPDATE_ACCOUNT",
"READ_INBOUND_MAILBOX"
],
"note": {
"message": "Customer Portal",
"priority": "NORMAL"
}
}
}
