This example demonstrates how to find and add a new user and roles in Pyramid, when using Active Directory authentication.
The example uses API authentication driven from JavaScript. See Authentication APIs for alternatives.
var pyramidURL = "http://mysite.com/api2/";
let token = callApi("auth/authenticateUserWindows",{},false);
log("got token "+token);
let defaultTenantResult = callApi("access/getDefaultTenant",{
"auth": token
});
let tenantId = defaultTenantResult.data;
log("default tenant, id= "+tenantId);
let searchUsers=callApi("access/searchAdUsers",{
"ldapUsersSearch":{
"domainNetBios":"myAdDomain",
"searchValue":"Smith",
"ldapSearchType": 0,
},
"auth": token
});
let adUser = searchUsers.data[0];
log("adUser = "+adUser.firstName);
let createUser = callApi("access/createUserAd",{
"newLdapUser": {
"userName": adUser.userName,
"adminType": 0,
"clientLicenseType": 100,
"tenantId": tenantId,
"adDomainName":"myAdDomain"
},
"auth": token
});
let userId = createUser.data.modifiedList[0].id;
log("created user "+userId);
let updateUser=callApi("access/updateUsersAd",{
"updateLdapUser":[{
"id": userId,
"adDomainName":"myAdDomain"
}],
"auth": token
});
let createRole=callApi("access/createRoles",{
"data": [{
"roleName": "role1",
"tenantId": tenantId
},{
"roleName": "role2",
"tenantId": tenantId
}],
"auth": token
});
let role1 = createRole.data.modifiedList[0].id;
let role2 = createRole.data.modifiedList[1].id;
log("created roles "+role1+","+role2);
let addUserToRole=callApi("access/addUserToRole",{
"addUserRoleData": {
"userId":userId,
"roleId":role1
},
"auth": token
});
let groups=callApi("access/searchAdGroupsForUser",{
"searchData": {
"domainNetBios":"myAdDomain",
"userName":adUser.userName
},
"auth": token
});
log("groups of " + adUser.userName" + "+JSON.stringify(groups.data));
let selectedGroup=groups.data[0];
let addRoleToAdGroup=callApi("access/changeRoleAdGroupMembership",{
"roleAdGroups": {
"roleId":role2,
"groupsToAdd":[{
"domainNetBios":selectedGroup.domainAddress,
"groupName":selectedGroup.name
}]
},
"auth": token
});
log("addRoleToAdGroup "+JSON.stringify(addRoleToAdGroup));
let groupsFound=callApi("access/getGroupsByRole",{
"roleId":role2,
"auth": token
});
log("found group "+groupsFound.data[0].name);
function log(msg){
document.write(msg);
console.log(msg);
}
function callApi(path,data,parseResult=true){
var xhttp = new XMLHttpRequest();
xhttp.withCredentials = true;
xhttp.open("POST", pyramidURL+path, false);
xhttp.send(JSON.stringify(data));
if(parseResult){
return JSON.parse(xhttp.responseText);
}else{
return xhttp.responseText;
}
}