I'm successfully creating a new user using the valence API, setting the password and enrolling the new user into appropriate OUs.
(I've used the API reference at: http://docs.valence.desire2learn.com/reference.html)
I'm logged on using an account created for the application accessing the REST API.
I also want to set some of the profile fields for the new user;
I think I need to use the put profile function:
PUT /d2l/api/lp/(D2LVERSION: version)/profile/(D2LID: profileId)
My issue is how to find the profile id for the user i've just created.
It isn't returned in the user data for the created user and I can't see the API call which would let me retrieve the profile id of the newly created user.
Can anyone point me in the right direction?
Cheers
Alan
After creating a user you will have its user ID. If you make the following call (documentation)
GET /d2l/api/lp/(D2LVERSION: version)/enrollments/orgUnits/(D2LID: orgUnitId)/users/
You will get a list of all users enrolled in the provided org unit. Note that the result set of this call is paged (see the docs.) Each entry in the result is a Enrollment.OrgUnitUser, which contains a property "user" with a User.User value - which contains the users profile identifier.
You can skip ahead to the user you want by setting the bookmark value to the users userID. See the note in the green box in the documentation for the call for more information.
You can always use the root org for the orgUnitID parameter.
Related
How do i create a user and join that user into a channel with a friendly name ?
All the examples in the documentation located here assumes that a user with appropriate friendlyName is already present in the service instance.
So, if i want to join a user in my system to a channel, Do i need to first create a user using users rest api endpoint and then add that user as a member of a channel ?
channel.members.create(user.identity)
Above code above throws 409 conflict error if i re-create a user. So i am forced to fetch a user, see if the user exists then create the user. If user already exists, then I have to update the user with friendlyName.
I am forced to check if the user in my system exists in that service instance everytime that user joins a channel.
Is there a way I can join a user to a channel with friendly name so Twilio creates if the user doesn't exist and update friendly name if user already is in twilio service instance ?
This is the sequence of events I would like to see:
User in my system clicks join room button
Either from client side or server side, I join the user into that channel with identity and friendlyName.
Twilio creates a user/member in service instance and
channel if the user/member doesnt exist Twilio updates a
user/members friendly name if the user already exists.
2022 answer:
const participant = await conversation.getParticipantByIdentity(userIdentity);
if (!participant) {
await conversation.join();
}
And yes, yon need to use Conversation API.
Similar to the problem mentioned as below
How to implement ACL at a group level? E.g. only teachers in school A can update school A's calendar
I am trying to solve below scenario Using acl spring security
We got a scenario to share the students result to group of teachers.In this scenario when a teacher login he can see the result only if teacher have read permission on Result object.If we need to share the result to group of teachers having 10 members in the group with read permission we need to give 10 entires in ACL_Entry table .This would be complicated as entries will increase with increase in group members and increase in permissions.Is there any other way such that if i share the result to group there will only one acl entry with group having read permission on result object with which automatically the teachers should get permission to read the object.Can you also explain with example how the schema would be.
Please help
Possible duplicate:
spring-security-authorization-for-custom-usergroups
If you look at this question you will find this possible solution:
I am using user groups with ACL mechanism. Basically I make sure that when ACL is created for an object the owner is set. Then when another user tries to access this object the owner's groups are checked to see if there is a match.
This of course means that when user changes his groups then the object 'goes with him'.
If you don't want this behavior you can have group object's ACL as a parent acl for a secure object. Then when a user changes groups you should set the correct entries for group object ACL. This way the secure object is tied to the user group not the user himself.
Spring Security Domain Object Security (ACLs)
These are actually two other possibilities different to what is described in the question you linked.
There is also a brief conversation in the comments of the question I linked so make sure to read it if you are intrigued.
To sort out the above problem I used below approach.
I have users and user_role table in my schema.I m using db as authenticion manager in security context.
SchoolA is already the user of my application.
Whenever a teacher is added to schoolA Group .I m adding schoolA as role to the teacher along with user role.while sharing result object to the schoolA group with read permission .I m considering schoolA as a GrantedAuthoritySid instead of PrincpalSid. So principal column will be false for SchoolA sid in ACL_SID table.Whenever teacher logs in while getting the results we check whether the teacher has read permission on the result object.but as teacher has schoolA role and schoolA role is having read permission. I m able to get the result object when teacher logs in. In this way I solved my above problem.
I am using Umbraco 7.2.8. When a new Document of a specific type is saved, I am hooking into the ContentService.Saved event and I want to be able to set the Public Access to only allow a specific member group access to it. Just like I would do using the Gui here.
I see in the documentation here https://our.umbraco.org/documentation/Reference/Management/Services/ContentService There are a couple methods like
.AssignContentPermission(IContent content, char permission, IEnumerable userIds)
and
ReplaceContentPermissions(EntityPermissionSet permissionSet)
which both allow me to pass in a list of userIds users that have access but I am interested in setting the membership groups that have access as well as the Login Page and Error Page. How can I do this?
Used to do it like this. I think it still applies:
Access.ProtectPage(false,nodeIdOfPageToProtect,loginPageNodeId,errorPageNodeId);
Access.AddMembershipRoleToDocument(nodeIdOfPageToProtect,"roleName");
Methods are in umbraco.cms.businesslogic.web so make sure you set this for your page
using umbraco.cms.businesslogic.web;
Does that help?
This is probably a newbie question.
I have a table USER which contains info about login, pass and authorities. Depending on authority or role, detail information about each user can be found in one of following: Teacher, Student, Parent. When the User logs in, the information stored in USER table can be easly taken from security context.
I want to display first name and last name all the time in the header after log in - these can be fetched from the other tables.
My question is this: how do I handle storing one of these objects in session all the time? Or is it okay just to store User (its stored by spring) and then fetch particular table every time I need detail information?
I use spring security 3, hibernate, jsp, sitemash.
For more clarification:
I know how to deal with logged user and to restrict some content. Login details (id, pass, role) are stored in USER table and this is ok - I can fetch it and show whereever I want. The problem is that the details about a particular user (address, name, email, etc) are stored in in another table (STUDENT, TEACHER, PARENT - depending on the role in USER table). This is what I want to know on every page - for example to show his/her name.
TO cut it short -
1. you need to extend spring User to provide additional fields.
2. you need to implement UserDetailsService interface and reference it in the security context.
3. Now you can fetch your object in a controller like this: authentication.getPrincipal() - rememebr to cast to your type.
Additionaly - personally i always have AbstracController which is a base for every controller in my project. There, among others, I have method which returns current principal.
In the user api docs it is mentioned that to change the user's role at the organization level we need to use the schema "PUT /d2l/api/lp/(D2LVERSION: version)/users/(D2LID: userId)"
This requires UpdateUserData JSON block as input, but the UpdateUserData JSON block does not have a role id in it. How, then, will we pass the new role of the user?
Role applies to a particular level in the organization so is not an intrinsic property of a user but rather property of the relationship between a user and the org or user and the org unit (department, course etc).
So you could delete and then create the user’s enrollment at the org level . (Id for the org level is retrieved with org info call )
The operation to delete the enrollment is on the enrollment page. And the operation to create the enrollment is on the same page.
However, it is NOT typical for a user to have no enrollment at the org level (e.g. if there was a connection interrupt between delete and create it is not clear what that state of not being enrolled in the org would mean)
I am not sure this fits your application, but, more typical than adding and removing enrollments at the org level is to add and remove them in a particular org level. That way the user always has a presence in the org, but, you can govern permissions via that org unit.