This example demonstrates how to find and add a new user and roles in Pyramid, when using Active Directory authentication.
The example uses API authentication driven from JavaScript. See Authentication APIs for alternatives.
var pyramidURL = "http://mysite.com/api3/";
let token = callApi("authentication/authenticateUserWindows",{},"",false);
log("got token "+token);
let defaultTenantResult = callApi("access/getDefaultTenant",{},
token
);
let tenantId = defaultTenantResult;
log("default tenant, id= "+tenantId);
let searchUsers=callApi("access/searchExternalUsers",{
"domainName":"myAdDomain",
"searchValue":"Smith",
"externalSearchType": 0,
},token
);
let adUser = searchUsers[0];
log("adUser = "+adUser.firstName);
let createUser = callApi("access/createUsersFromSearch",[
{
"userName": adUser.username,
"adminType": 0,
"clientLicenseType": 100,
"statusID": 1,
"tenantId": tenantId,
"domainName":"myAdDomain"
}
],token );
let userId = createUser.modifiedList[0].id;
log("created user "+userId);
let updateUser=callApi("access/updateUsersFromSearch",[{
"userName": adUser.username,
"adDomainName":"myAdDomain",
"clientLicenseType": 200,
}],token );
let createRole=callApi("access/createRoles",[{
"roleName": "role1",
"tenantId": tenantId,
"isGroupRole": false
},{
"roleName": "role2",
"tenantId": tenantId,
"isGroupRole": false
}],token);
let role1 = createRole.modifiedList[0].id;
let role2 = createRole.modifiedList[1].id;
log("created roles "+role1+","+role2);
let addUserToRole=callApi("access/addUserToRole",{
"userId":userId,
"roleId":role1
},token );
let groups=callApi("access/searchUserGroups",{
"domainName":"myAdDomain",
"username":adUser.username
},token );
log("groups of " + adUser.username+" + "+JSON.stringify(groups));
let selectedGroup=groups[0];
let addRoleToAdGroup=callApi("access/updateRoleGroups",{
roleId:"role2",
"groupsToAdd":[{
"domainName":selectedGroup.domainAddress,
"groupName":selectedGroup.name
}]
},token );
log("addRoleToAdGroup "+JSON.stringify(addRoleToAdGroup));
let groupsFound=callApi("access/getRoleGroups",role2,token );
log("found group "+groupsFound[0].name);
function log(msg){
document.write(msg);
console.log(msg);
}
function callApi(path,data,token="",parseResult=true){
var xhttp = new XMLHttpRequest();
xhttp.withCredentials = true;
xhttp.open("POST", pyramidURL+path, false);
xhttp.setRequestHeader("paToken",token)
xhttp.send(JSON.stringify(data));
if(parseResult){
return JSON.parse(xhttp.responseText);
}else{
return xhttp.responseText;
}
}