{ 
    id: string 
    The database key of the component; an incoming component can be identified either by its database key, or by its unique name, or by its name with qualifiers which are unique when combined; when this database key is present, it takes precedence and componentName and qualifiers(when present) are used to verify the retrieved component 

     componentName: string 
    The name of the component; an incoming component can be identified either by its database key, or by its unique name, or by its name with qualifiers which are unique when combined; this name is used to verify any component retrieved by database key, and is used if there is no database key or if the database key fails to resolve; for componentType Configuration and HardwareInventory, componentName is the created timestamp (in milliseconds); for componentType SecurityVulnerability, componentName is the securityVulnerabilityID; for componentType SnmpManagerStation, componentName is the address 

     componentType: string * 
    The type of the component, used to verify what is retrieved by key/name; valid values are: Combogroup, Condition, Configuration, Device, DeviceAdapter, DeviceAgent, DeviceSecurityProfile DynamicField, EmailDistributionList, Group, HardwareInventory, JobApprovalType, Keyword, Model, OsImage, PredefinedJob, Realm, RemoteFileServer, Role, Rule, RuleSet, SecurityVulnerability, SnmpManagerStation, Template, and User 

     qualifiers: { 
      Any additional single qualifier needed to identify the component uniquely, when the name alone is not sufficient; the map key is the extra attribute name string; the map value string completes the identification of the component; for componentType Configuration and HardwareInventory: key=deviceKey, value=database key of the device the item belongs to, key=deviceName, value=name of the device the item belongs to, key=timestamp, value=creation date/time in server display format; for componentType DeviceAdapter: key=adapterType, value=type of the device adapter, key=parent, value=parent or owner used for organizing certain types of adapters, key=vendorName, value=name of the vendor that owns a device type; for componentType DynamicField: key=type, value=base class name of the component associated with the dynamic field; for componentType Group, ComboGroup: key=realmName, value=name of the realm the group belongs to; for componentType Model: key=vendorGuid, value=the vendor GUID; for componentType OsImage: key=filename, value=name of the file(s) making up the image; for componentType SecurityVulnerability: key=vendorGuid, value=the vendor GUID 
    } 
}

{ 
    id: string 
    The database key of the dynamic field whose value this is (read-only) 

     name: string 
    The name of the dynamic field (read-only) 

     values: [ 
      The value(s) for the dynamic field; for a single-value field, only the first entry is relevant; read-only for Auto Derived and Configuration Profiled types 

       string 
    ] 

     dynamicFieldDetailsLink: string 
    Link to get more detailed information about the dynamic field (read-only) 
}

[ 
    A list of JSON Patch operations 

     JsonPatch.OneOperation
  ]

{ 
}

string 
  Pointer or path to an element or property

{ 
    op: string * 
   Enum: [
     "add"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

{ 
    op: string * 
   Enum: [
     "remove"
   ]
    path: JsonPatch.Pointer*
}

{ 
    op: string * 
   Enum: [
     "replace"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

{ 
    op: string * 
   Enum: [
     "move"
   ]
    path: JsonPatch.Pointer*
    from: JsonPatch.Pointer*
}

{ 
    op: string * 
   Enum: [
     "copy"
   ]
    path: JsonPatch.Pointer*
    from: JsonPatch.Pointer*
}

{ 
    op: string * 
   Enum: [
     "test"
   ]
    value: any * 
    path: JsonPatch.Pointer*
}

{ 
    realm: ComponentId
    The realm 

     rights: [ 
      The network rights granted to the realm 

       string 
    ] 
}

{ 
    id: string 
    The role's unique database key (read-only) 

     name: string * 
    The role's unique display name 

     associatedUsernames: string 
    The users who belong to this role (read-only) 

     canCopyFlag: boolean 
    Whether or not the user is allowed to copy this role (read-only) 

     canDeleteFlag: boolean 
    Whether or not the user is allowed to delete this role (read-only) 

     canEditFlag: boolean 
    Whether or not the user is allowed to edit this role (read-only) 

     fullNetworkRightsFlag: boolean 
    Whether or not this role has access to all network rights in all current and future realms; read-only and always true for the root role 

     networkRights: [ 
      The network rights granted to each specified realm, with no rights granted to any realm that does not appear; used only when the fullNetworkRightsFlag is false 

       NetworkRightsDTO
    ] 

     restrictedToReportingSystemFlag: boolean 
    Whether or not this role exists only to support an external reporting system which imports users and their role associations which are meaningful to that reporting system; when true, the role is intended to control access within an external reporting system that has no means for creating its own users and roles (hence they are imported); the role cannot have any system or network rights; when false, the role is a normal role for use within TSNA proper; read-only and always false for the root role 

     rootRoleFlag: boolean 
    Whether or not this is the root role, which grants universal access; true only for the Administrator role; false for all other roles (read-only) 

     systemRights: [ 
      System rights granted to this role; read-only for the root role 

       string 
    ] 

     dynamicFields: [ 
      The dynamic fields 

       DynamicFieldValueDTO
    ] 
}

{ 
    roles: [ 
      The roles to be modified; cannot include any role that has full network rights 

       ComponentId
    ] * 

     realms: [ 
      The realms whose network rights are to be modified in the selected roles; required when network rights are to be modified 

       ComponentId
    ] 

     networkRights: { 
      The changes to be made to the network rights in the selected realms in the selected roles; this is a map where the key is a network right string, and the value is a flag indicating the type of change to make to the right; for the flag value, a null means no change, a true means grant the right, and a false means revoke the right 
    } 

     systemRights: { 
      The changes to be made to the system rights in the selected roles; this is a map where the key is a system right string, and the value is a flag indicating the type of change to make to the right; for the flag value, a null means no change, a true means grant the right, and a false means revoke the right 
    } 
}

{ 
    copyFullNetworkRightsFlag: boolean 
    Whether or not to enable full network rights in the destination role; allowed only when the source role has full network rights 

     copyGroupAclsFlag: boolean 
    Whether or not all static groups are updated to copy the source role's rights to the destination role 

     copyNetworkRightsToAllRealmsFlag: boolean 
    Whether or not the source realm's network right are copied to all the realms in the destination role 

     copyRuleSetAclsFlag: boolean 
    Whether or not all rule sets are updated to copy the source role's rights to the destination role 

     copySystemRightsFlag: boolean 
    Whether or not system rights are copied from the source role to the destination role 

     copyTemplateAclsFlag: boolean 
    Whether or not all templates are updated to copy the source role's rights to the destination role 

     destinationRole: ComponentId*
    The role whose rights are updated to be the same as the selected rights in the source role 

     networkRightsDestinationRealms: [ 
      When not copying to all realms, which specific destination realms are updated 

       ComponentId
    ] 

     networkRightsSourceRealm: ComponentId
    The realm within the source role whose network rights are to be copied into the selected realms in the destination role; can be used only when the source role does not have full network rights 

     sourceRole: ComponentId*
    The role whose rights are to be copied 
}