dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #29448
Re: Query regarding /api/users
Great :)
--
Morten
On Tue, Apr 15, 2014 at 4:26 PM, Mahendra Kariya <
mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
> Its working! :-)
> There was some issue with the DHIS build. It was picking up the old war
> file all this time.
>
> Thanks a ton!
>
>
> On Tue, Apr 15, 2014 at 2:24 PM, Morten Olav Hansen <mortenoh@xxxxxxxxx>wrote:
>
>> What values are you trying to change? It's working fine here.. Tested
>> with disabled etc
>> On Apr 15, 2014 3:30 PM, "Mahendra Kariya" <
>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>
>>> Sorry Morten. This is not working.
>>>
>>> After line 585 in DefaultIdentifiableObjectImporter is executed
>>> successfully, the values in the expression *((User)
>>> persistedObject).getUserCredentials()* are not changing.
>>>
>>>
>>>
>>> Thanks,
>>> Mahendra
>>> *Thought*Works
>>>
>>>
>>>
>>> On Tue, Apr 15, 2014 at 1:13 PM, Morten Olav Hansen <mortenoh@xxxxxxxxx>wrote:
>>>
>>>> This should now be fixed in rev 14867.
>>>>
>>>> --
>>>> Morten
>>>>
>>>>
>>>> On Mon, Apr 14, 2014 at 8:02 PM, Mahendra Kariya <
>>>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>>>
>>>>> Hi Morten,
>>>>>
>>>>> We are trying to disable the user using PUT on /api/users/{id}. But
>>>>> when we are doing a HTTP GET on the user, we are not able to see the
>>>>> updated value. We debugged the code, but got lost somewhere at
>>>>> DefaultIdentifiableObjectImporter.reattachField(). Could you please help us
>>>>> out?
>>>>>
>>>>>
>>>>> The JSON payload that we are sending is as follows.
>>>>>
>>>>>
>>>>> {
>>>>> "name": "Name Name",
>>>>> "surname": "Name",
>>>>> "firstName": "Name",
>>>>> "email": "name.name@xxxxxxxxx",
>>>>> "organisationUnits": [
>>>>> {
>>>>> "name": "org",
>>>>> "id": "company_0"
>>>>> }
>>>>> ],
>>>>> "userCredentials": {
>>>>> "username": "name.name@xxxxxxxxx",
>>>>> "userAuthorityGroups": [
>>>>> {
>>>>> "name": "HQ",
>>>>> "id": "hq"
>>>>> }
>>>>> ],
>>>>> "selfRegistered": false,
>>>>> "password": "Password1",
>>>>> "disabled": true
>>>>> },
>>>>> "id": "nWSreYohGrM"
>>>>> }
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> Thanks,
>>>>> Mahendra
>>>>> *Thought*Works
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Apr 14, 2014 at 2:05 PM, Morten Olav Hansen <
>>>>> mortenoh@xxxxxxxxx> wrote:
>>>>>
>>>>>> Hi
>>>>>>
>>>>>> We don't provide any web-api service for directly disabling a user,
>>>>>> but you can update the user with userCredentials.disabled = true, which
>>>>>> will disallow the user to login.
>>>>>>
>>>>>> --
>>>>>> Morten
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya <
>>>>>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>>>>>
>>>>>>> Thanks! We are running into foreign key issues when we are trying to
>>>>>>> delete a user. Could you please point us to the API with which we can
>>>>>>> disable the user?
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen <
>>>>>>> mortenoh@xxxxxxxxx> wrote:
>>>>>>>
>>>>>>>> That code is located in AbstractCrudController
>>>>>>>>
>>>>>>>> --
>>>>>>>> Morten
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya <
>>>>>>>> mahendra.kariya@xxxxxxxxxxxxxxxx> wrote:
>>>>>>>>
>>>>>>>>> Hi Morten,
>>>>>>>>>
>>>>>>>>> Thank you for the prompt reply.
>>>>>>>>> I don't see any code (in trunk) in UserController.java that
>>>>>>>>> supports the delete functionality. Could you please tell us when should we
>>>>>>>>> expect to have this in trunk?
>>>>>>>>>
>>>>>>>>> We will submit a patch for point 2 ASAP.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Thanks,
>>>>>>>>> Mahendra
>>>>>>>>> *Thought*Works
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen <
>>>>>>>>> mortenoh@xxxxxxxxx> wrote:
>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>> 1. Is there an any way to delete a user using the API?
>>>>>>>>>>>
>>>>>>>>>>> You should be able to delete a user by doing a DELETE request to
>>>>>>>>>> /api/users/UID in 2.15, be aware that there might be some foreign keys etc
>>>>>>>>>> getting in the way, so another solution might be to disable the user
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 1. We want "admin" user to update the details of other users
>>>>>>>>>>> using the API. Currently it requires the password of the user which is
>>>>>>>>>>> getting updated. Without the user's password, "admin" can't do an update.
>>>>>>>>>>> Is there any other way to do it?
>>>>>>>>>>>
>>>>>>>>>>> Currently, no.. but it should be trivial to include a parameter,
>>>>>>>>>> "ignorePassword" or something like that.. that would simply continue using
>>>>>>>>>> the old password, feel free to provide a patch :-)
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>> Morten
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 1.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> If the community feels both these cases are general enough to be
>>>>>>>>>>> included in DHIS, we would like to submit patches in case this
>>>>>>>>>>> functionality is not available.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Thanks,
>>>>>>>>>>> Mahendra
>>>>>>>>>>> *Thought*Works
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>
References