Class Account
The Account class represents a set of credentials that is used to access IT systems. Most users (actual people) will have several accounts associated with their computing identity. Additionally, in many cases a single account may have multiple possible representations, as for example a Windows account may have a domain notation and an LDAP notation.
When using Sentinel to store identity data, you can associate accounts with that identity using the Identity.attachAccounts() method.
Accounts are exported to a map that is used by the Mapping Service to inject identity
information into real-time events.
Defined in: account.js.
Constructor Attributes | Constructor Name and Description |
---|---|
Account(properties)
Creates a new Account object.
|
Field Attributes | Field Name and Description |
---|---|
The authority (namespace/domain/container) within which this account exists.
|
|
The customer ID that owns this account.
|
|
Stores the UUID of the associated Identity.
|
|
The base name (not including any authority information such as namespace/domain/container) of the account.
|
|
The status of the account.
|
Method Attributes | Method Name and Description |
---|---|
attachTrust(trust)
This method attaches a trust to an account.
|
|
<static> |
Account.find(params)
Finds the account(s) with the same attributes as the passed-in filter.
|
Retrieves the trust(s) currently associated with this account.
|
|
save()
This method saves the Account object.
|
Class Detail
Account(properties)
Creates a new Account object.
You can pass in a JSON string or a prototype Account object.
- Parameters:
- {JSON} properties
- Initial properties to define account
Field Detail
{String}
Authority
The authority (namespace/domain/container) within which this account exists.
{String}
CustomerId
The customer ID that owns this account. Should match the MSSP Customer information
injected into event data gathered from the same customer.
- See:
- Customer
{UUID}
IdentityGuid
Stores the UUID of the associated Identity.
{String}
Name
The base name (not including any authority information such as namespace/domain/container) of the account.
{Enum}
Status
The status of the account.
- A - Active
- I - Inactive
- D - Deleted (we never delete entries, but record them as deleted)
- U - Undefined
Method Detail
attachTrust(trust)
This method attaches a trust to an account.
Example:
var myAcct = Account.find({IdentityGuid: "5CECEA10-E3DF-102A-91F5-005056C00008"}); var acct = new Account(myAcct[0]); acct.attachTrust(new Trust({Name: "Admin", Authority: "Unix", Type: "Role"}); acct.save();
- Parameters:
- trust
- Throws:
- {String}
- Throws an string exception describing the error.
<static>
{Account[]}
Account.find(params)
Finds the account(s) with the same attributes as the passed-in filter.
All attributes are matched as with an AND operator. You can pass in a string in JSON
notation or a prototype Account object.
Example:
var myAccts = Account.find({IdentityGuid: "cn=JoeSmith,ou=Active,ou=Users,o=Vault"}); var myAccts = Account.find({Name : "Joe Smith", Authority : "Novell"});
- Parameters:
- {JSON} params
- notation of the account attributes
- Throws:
- {String}
- Throws an string exception describing the error.
- Returns:
- {Account[]} Returns an array of Accounts found. The array could be of size 0 if no accounts match the search criteria.
getTrusts()
Retrieves the trust(s) currently associated with this account. If no trusts are
attached, an empty array ([]) will be returned.
Example:
var trust1 = new Trust({ Name:"Developer", Authority:"SAP", Description:"SAP Role", Type:"Role", CustomerId:"345"}); trust1.save(); var acc = new Account({Name: "ssouth", Authority: "NOVELL", Status: "Active", CustomerId: 17 }); acc.attachTrust(trust1); var attachedTrusts = acc.getTrusts();
{Boolean}
save()
This method saves the Account object.
Example:
var myAcct = Account.find({IdentityGuid: "5CECEA10-E3DF-102A-91F5-005056C00008"}); var acct = new Account(myAcct[0]); acct["Authority"] = "New_Authority"; acct.save();
- Throws:
- {String}
- Throws an string exception describing the error.
- Returns:
- {Boolean} Result