Thread: Creating users using the API
View Single Post
  #2 (permalink)  
Old 07-20-2007, 08:01 AM
ncushing ncushing is offline
Administrator
  
Join Date: Mar 2007
Location: Prezza Technologies
Posts: 187
Default
Shane,

The first issue is that the User Management Web Services layer will be part of Checkbox 4.3, which is currently in QA and expected to be released in the first half of next month. This is likely why you can't find the services folder or the WebServiceProxy.dll.

There should be a document (WebServiceDeveloper.pdf) that describes how to build a Visual Studio project that consumes a web service. If you do not have this document, please contact support. Since it is new to version 4.3, it may not have been provided as part of the developer documentation package.

To answer your specific questions:
1) Checkbox allows users and user profile information to be stored separately. As a result, you would create the user first then store the profile. If you are using the web services, you can do this all in one step via the CreateUser(...) method.

2) Outside of a web service, you would use the RoleManager.AddIdentityToRole(userName, roleID) method. Using the Web Services API, you would call SetUserRoles(...). Both of these appear to have been omitted from the documentation, so I'll make sure they get into the documentation for 4.3.

??) This is somethign we've fixed in 4.3. Some of the user group management functions performed auth checks that hindered using the API via web services or some other method. These methods expected that a user principal had been logged-in via the UserManager.AuthenticateUser(...) which is usually only the case when modifying the Checkbox web application, not when writing third party apps. As I stated above, this limitation has been addressed in 4.3.

3) Permission checks are done in two parts. The first is to check that a user is in a role that allows the operation, and the second is to check the ACL permission on the resource for the actual object to be modified. To create a group, a user needs to be in the Group Administrator role and to edit a group, a user should have Group.Edit permission on a particular group's ACL.

4) Sorry for any confusion here. It looks like the documentation you recieved was a little bit ahead of the release.

-Noah
Reply With Quote