Fork me on GitHub Fork me on GitHub

user.UserManager


<%
var carbon = require('carbon');
var tenantId = -1234;
var url = 'https://10.100.0.49:9443/admin/services/';
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);

print('Current User List : ');
print(userManager.listUsers(false) );
print('<br>');

userManager.addUser('chamila', 'chamila123', ["admin","Internal/everyone"], {}, 'default')
print('Added new User Chamila.<br>');
	
print('New User List : ');
print(userManager.listUsers(false) );
print('<br>');

print('Get User : ');
print(userManager.getUser('chamila'));
print('<br>');

print('User Exists : ');
print(userManager.userExists('admin', 'default'));
print('<br>');

userManager.removeUser('chamila');
print('User Removed Chamila.<br>');

print('New User List : ');
print(userManager.listUsers(false) );
print('<br>');

print('Get Claims list of Admin : ');
print(userManager.getClaims('admin', 'default'));
print('<br>');

print('Role List : ');
print(userManager.allRoles() );
print('<br>');

print('Check If Role Exist : ');
print(userManager.roleExists('employee') );
%>

Overview

UserManager object allows to do operations on the Carbon user store in Jaggery.


Operations

Operation Returns Description
UserManager(serv, tenantId)ObjectFollowing parameters should be passed to the constructor:

  • serv : carbon server instance which we connect to the user store.
  • tenantId: tenant id of user
var carbon = require('carbon');
var tenantId = -1234;
var url = 'https://10.100.0.49:9443/admin/services/';
var server = new carbon.server.Server(url);
var userManager = new carbon.user.UserManager(server, tenantId);
addUser(userName String, password String, roles Array, claims Object, profile String)NoneThis method adds a new user to the user store. It accepts the following parameters:

  • username (String) : user name to be added. This name should be unique.
  • password (String) : password for the new user.
  • roles (Array) : Array of roles that user should be added. If there are no such roles, an empty array should be passed.
  • claims (Object) : A JSON object which contains claims to be added to new user and their respective values.
  • profile (String) :
This adds user with specified details to the user store.
getUser(userName String)ObjectThis method checks if a user with given username exists in user store or not. It accepts the following parameters:

  • username (String) : username of the required user.
This method returns a user object.
userExists(userName String)BooleanThis method retrives a user with specified username. It accepts the following parameters:

  • username (String) : username to be checked.
This method returns a boolean value. If user exists it will return “true”.
removeUser(userName String)NoneThis method removes a user with specified username from user store. It accepts the following parameters:

  • username (String) : username of the user to be removed.
listUsers(filter String)ArrayThis method retrieves a list of all user names which follows given filter. It accepts the following parameters:

  • filter (String) : The string to filter out user. If you give an emplty string as filter, it will return list of all users.
setClaims(username String, claims Object, profile String)NoneThis method is used to set few user claims of a user at single time. It accepts the following parameters:

  • username (String) : username of the user whos claims to be set.
  • claims (Object) : A JSON object which contains the claims to be set and values for them.
  • profile (String) : The profile name can be null. If null the default profile is considered.
getClaims(username String, profile String)ObjectThis method get all claim values of the user in the profile. It accepts the following parameters:

  • username (String) : username of the user whos claims to be get.
  • profile (String) :
This returns a JSON object with all claims that user has and their values.
getClaimsForSet(username String, claims Array, profile String)ObjectThis method get specified user claim values in the profile. It accepts the following parameters:

  • username (String) : username of the user whos claims to be get.
  • claims (Array) : Array of claim URIs of required claims.
  • profile (String) : The profile name can be null. If null the default profile is considered.
This returns a JSON object with requested claims of the user and their values.
getClaim(username String, claim String, profile String)StringThis method get a single user claim value in the profile. It accepts the following parameters:

  • username (String) : username of the user whos claim to be get.
  • claim (String) : Claim URI of required claim.
  • profile (String) : The profile name can be null. If null the default profile is considered.
This returns value of requested claim as a String.
addRole(role String, users Array, permissions Object)NoneThis method adds a new role to the user store. It accepts the following parameters:

  • role (String) : new role name.
  • users (Array) : user array to be added to new role.
  • permissions (Object) : permissions and action list which new role should be authorized.
    var permissions = { 
    '/permission/admin/manage/extensions/add': ['ui.execute'],
    '/permission/admin/manage/extensions/list': ['ui.execute']
    };
allRoles()ArrayThis method returns an array with all roles in user store.
roleExists(role String)BooleanThis method checks if a role is there in user store. It accepts the following parameters:

  • role (String) : role name.
  • This returns 'true' if role exists in user store.
updateRole(previousRoleName String, newRoleName String)NoneThis method update the role name of given role. It accepts the following parameters:

  • previousRoleName (String) :
  • newRoleName (String) :
authorizeRole(role String, permission String, action String)NoneThis method is used to give permissions to a role in an action. It accepts the following parameters:

  • role (String) : role name.
  • permission (String) : permission path in permission tree.
  • action (String) : The action that should be granted to the role.
isAuthorized(role String, permission String, action String)BooleanThis method checks if a given role is authorized for given action. It accepts the following parameters:

  • role (String) : role name.
  • permission (String) : permission path in permission tree.
  • action (String) : The action.
  • This methods returns 'true' if the 'role' is authorized to do 'action' on 'permission'
denyRole(role String, permission String, action String)NoneThis method is used to remove permissions of a role in an action. It accepts the following parameters:

  • role (String) : role name.
  • permission (String) : permission path in permission tree.
  • action (String) : The action.
updateRoleListOfUser(username String, deletedRoles Array, newRoles Array)NoneThis method update the list of roles of a given user. It accepts the following parameters:

  • username (String) : username of the user whose role has to be updated.
  • deletedRoles (Array) : list of roles to be removed.
  • newRoles (Array) : list of roles to be added.
updateUserListOfRole(rolename String, deletedUsers Array, newUsers Array)NoneThis method update the list of users of a given role. It accepts the following parameters:

  • rolename (String) : name of the role to be updated.
  • deletedUsers (Array) : list of users to be removed.
  • newUsers (Array) : list of users to be added.