dhis2-devs team mailing list archive

Thread
Date

Re: Query regarding /api/users

To: Mahendra Kariya <mahendra.kariya@xxxxxxxxxxxxxxxx>
From: Morten Olav Hansen <mortenoh@xxxxxxxxx>
Date: Tue, 15 Apr 2014 15:54:55 +0700
Cc: twmsf <twmsf@xxxxxxxxxxxxxxxx>, DHIS 2 Developers list <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <CALCHnJ-Pvkou6=y6n9w=z6j60moMJKECcG5i4bE6-USYNU5_MQ@mail.gmail.com>

What values are you trying to change? It's working fine here.. Tested with
disabled etc
On Apr 15, 2014 3:30 PM, "Mahendra Kariya" <mahendra.kariya@xxxxxxxxxxxxxxxx>
wrote:

> Sorry Morten. This is not working.
>
> After line 585 in DefaultIdentifiableObjectImporter is executed
> successfully, the values in the expression *((User)
> persistedObject).getUserCredentials()* are not changing.
>
>
>
> Thanks,
> Mahendra
> *Thought*Works
>
>
>
> On Tue, Apr 15, 2014 at 1:13 PM, Morten Olav Hansen <mortenoh@xxxxxxxxx>wrote:
>
>> This should now be fixed in rev 14867.
>>
>> --
>> Morten
>>
>>
>> On Mon, Apr 14, 2014 at 8:02 PM, Mahendra Kariya <
>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>
>>> Hi Morten,
>>>
>>> We are trying to disable the user using PUT on /api/users/{id}. But when
>>> we are doing a HTTP GET on the user, we are not able to see the updated
>>> value. We debugged the code, but got lost somewhere at
>>> DefaultIdentifiableObjectImporter.reattachField(). Could you please help us
>>> out?
>>>
>>>
>>> The JSON payload that we are sending is as follows.
>>>
>>>
>>> {
>>>     "name": "Name Name",
>>>     "surname": "Name",
>>>     "firstName": "Name",
>>>     "email": "name.name@xxxxxxxxx",
>>>     "organisationUnits": [
>>>         {
>>>             "name": "org",
>>>             "id": "company_0"
>>>         }
>>>     ],
>>>     "userCredentials": {
>>>         "username": "name.name@xxxxxxxxx",
>>>         "userAuthorityGroups": [
>>>             {
>>>                 "name": "HQ",
>>>                 "id": "hq"
>>>             }
>>>         ],
>>>         "selfRegistered": false,
>>>         "password": "Password1",
>>>       "disabled": true
>>>     },
>>>     "id": "nWSreYohGrM"
>>> }
>>>
>>>
>>>
>>>
>>> Thanks,
>>> Mahendra
>>> *Thought*Works
>>>
>>>
>>>
>>> On Mon, Apr 14, 2014 at 2:05 PM, Morten Olav Hansen <mortenoh@xxxxxxxxx>wrote:
>>>
>>>> Hi
>>>>
>>>> We don't provide any web-api service for directly disabling a user, but
>>>> you can update the user with userCredentials.disabled = true, which will
>>>> disallow the user to login.
>>>>
>>>> --
>>>> Morten
>>>>
>>>>
>>>> On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya <
>>>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>>>
>>>>> Thanks! We are running into foreign key issues when we are trying to
>>>>> delete a user. Could you please point us to the API with which we can
>>>>> disable the user?
>>>>>
>>>>>
>>>>> On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen <
>>>>> mortenoh@xxxxxxxxx> wrote:
>>>>>
>>>>>> That code is located in AbstractCrudController
>>>>>>
>>>>>> --
>>>>>> Morten
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya <
>>>>>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>>>>>
>>>>>>> Hi Morten,
>>>>>>>
>>>>>>> Thank you for the prompt reply.
>>>>>>> I don't see any code (in trunk) in UserController.java that supports
>>>>>>> the delete functionality. Could you please tell us when should we expect to
>>>>>>> have this in trunk?
>>>>>>>
>>>>>>> We will submit a patch for point 2 ASAP.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Thanks,
>>>>>>> Mahendra
>>>>>>> *Thought*Works
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen <
>>>>>>> mortenoh@xxxxxxxxx> wrote:
>>>>>>>
>>>>>>>>
>>>>>>>>>    1. Is there an any way to delete a user using the API?
>>>>>>>>>
>>>>>>>>> You should be able to delete a user by doing a DELETE request to
>>>>>>>> /api/users/UID in 2.15, be aware that there might be some foreign keys etc
>>>>>>>> getting in the way, so another solution might be to disable the user
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>>    1. We want "admin" user to update the details of other users
>>>>>>>>>    using the API. Currently it requires the password of the user which is
>>>>>>>>>    getting updated. Without the user's password, "admin" can't do an update.
>>>>>>>>>    Is there any other way to do it?
>>>>>>>>>
>>>>>>>>> Currently, no.. but it should be trivial to include a parameter,
>>>>>>>> "ignorePassword" or something like that.. that would simply continue using
>>>>>>>> the old password, feel free to provide a patch :-)
>>>>>>>>
>>>>>>>> --
>>>>>>>> Morten
>>>>>>>>
>>>>>>>>
>>>>>>>>>
>>>>>>>>>    1.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> If the community feels both these cases are general enough to be
>>>>>>>>> included in DHIS, we would like to submit patches in case this
>>>>>>>>> functionality is not available.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Mahendra
>>>>>>>>> *Thought*Works
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>

References

Re: Query regarding /api/users
From: Morten Olav Hansen, 2014-04-14
Re: Query regarding /api/users
From: Morten Olav Hansen, 2014-04-14
Re: Query regarding /api/users
From: Morten Olav Hansen, 2014-04-14
Re: Query regarding /api/users
From: Morten Olav Hansen, 2014-04-15