Workflows And Tickets
Note
Refer to Authentication for ways to authenticate to the TPP WebSDK.
Note
Refer to Applying And Removing Workflows for applying workflows.
Creating, Applying, & Deleting A Standard Workflow
from pytpp import Authenticate, Features, Attributes
api = Authenticate(...)
features = Features(api)
#### CREATE AND APPLY ####
workflow = features.workflow.standard.create(
name='Awesome Workflow',
parent_folder=r'\VED\Policy\Administration\Workflow',
stage=300,
injection_command="/bin/bash /run/something.sh",
application_class_name=Attributes.application.apache.__config_class__,
approvers=['local:AwesomeUser', 'AD+AwesomeAD:user123'],
macro='$Config[$Config[$WorkflowtargetDN$,"Owner Object"]$,"Contact"|"Approver"]$',
reason_code=100
)
features.folder.apply_workflow(
folder=r'\VED\Policy\Certificates\Awesome Team',
workflow=workflow
)
#### DELETE ####
features.workflow.standard.delete(workflow=r'\VED\Policy\Administration\Workflow\Awesome Workflow')
Creating, Applying, & Deleting An Adaptable Workflow
from pytpp import Authenticate, Features
api = Authenticate(...)
features = Features(api)
# Read in the file stream as bytes.
with open('SuperAwesomeScript.ps1', 'rb') as f:
script_content_in_bytes = f.read()
#### CREATE ####
workflow = features.workflow.adaptable.create(
name='Awesome Workflow',
parent_folder=r'\VED\Policy\Administration\Workflow',
stage=300,
approvers=['local:AwesomeUser', 'AD+AwesomeAD:user123'],
reason_code=100,
powershell_script_name='SuperAwesomeScript', # Name of the script minus the extension.
powershell_script_content=script_content_in_bytes,
use_approvers_from_powershell_script=True
)
#### APPLY ####
features.folder.apply_workflow(
folder=r'\VED\Policy\Certificates\Awesome Team',
workflow=workflow
)
#### DELETE ####
features.workflow.adaptable.delete(workflow=workflow)
Managing Workflow Tickets
Creating, Getting, & Deleting A Workflow Ticket
from pytpp import Authenticate, Features
api = Authenticate(...)
features = Features(api)
#### CREATE ####
features.workflow.ticket.create(
obj=r'\VED\Policy\Certificates\Awesome Team\awesome_cert.com',
workflow=r'\VED\Policy\Administration\Workflow\Awesome Workflow',
approvers=['local:AwesomeUser', 'AD+AwesomeAD:user123'],
reason=42
)
#### GET ####
# Multiple tickets can possibly exist on an object.
tickets = features.workflow.ticket.get(obj=r'\VED\Policy\Certificates\Awesome Team\awesome_cert.com')
#### DELETE ####
# This neither approves nor rejects the ticket.
features.workflow.ticket.delete(ticket_name=ticket)
Getting All Workflow Tickets Pending My Approval
from pytpp import Authenticate, Features, AttributeValues
api = Authenticate(...)
features = Features(api)
# Get all tickets pending my approval.
tickets = [
features.workflow.ticket.details(ticket)
for ticket in features.workflow.ticket.get()
]
pending_my_approval = [
ticket for ticket in tickets
if ticket.status == AttributeValues.Workflow.Status.pending
]
Approving And Rejecting Workflow Tickets
from pytpp import Authenticate, Features, AttributeValues
api = Authenticate(...)
features = Features(api)
# Get all tickets assigned to me. This includes all tickets of all statuses
# and not just pending tickets.
tickets = features.workflow.ticket.get()
# Decide whether to approve/reject each ticket based on a minimum RSA key size of 2048.
for ticket in tickets:
details = features.workflow.ticket.details(ticket_name=ticket)
certificate = features.certificate.details(details.issued_due_to)
if details.status == AttributeValues.Workflow.Status.pending:
if certificate.key_algorithm == AttributeValues.Certificate.KeyAlgorithm.rsa and \
certificate.key_size >= 2048:
features.workflow.ticket.update_status(
ticket_name=ticket, status=AttributeValues.Workflow.Status.approved,
explanation="I trust this certificate request."
)
else:
features.workflow.ticket.update_status(
ticket_name=ticket, status=AttributeValues.Workflow.Status.rejected,
explanation="This certificate does not meet the key size requirements.",
)
Creating & Deleting Reason Codes
from pytpp import Authenticate, Features
api = Authenticate(...)
features = Features(api)
#### CREATE ####
reason_code = features.workflow.reason_code.create(
code=42,
description='The answer to everything.',
name='Awesome Reason Code'
)
#### DELETE ####
features.workflow.reason_code.delete(
code=42,
name='Awesome Reason Code'
)