Query regarding /api/users

   1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to

/api/users/UID in 2.15, be aware that there might be some foreign keys etc
getting in the way, so another solution might be to disable the user

   1. We want "admin" user to update the details of other users using the
   API. Currently it requires the password of the user which is getting
   updated. Without the user's password, "admin" can't do an update. Is there
   any other way to do it?

Currently, no.. but it should be trivial to include a parameter,

"ignorePassword" or something like that.. that would simply continue using
the old password, feel free to provide a patch :slight_smile:

···

--
Morten

   1.

If the community feels both these cases are general enough to be included
in DHIS, we would like to submit patches in case this functionality is not
available.

Thanks,
Mahendra
*Thought*Works

That code is located in AbstractCrudController

···


Morten

On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

Thank you for the prompt reply.

I don’t see any code (in trunk) in UserController.java that supports the delete functionality. Could you please tell us when should we expect to have this in trunk?

We will submit a patch for point 2 ASAP.

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

  1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to /api/users/UID in 2.15, be aware that there might be some foreign keys etc getting in the way, so another solution might be to disable the user

  1. We want “admin” user to update the details of other users using the API. Currently it requires the password of the user which is getting updated. Without the user’s password, “admin” can’t do an update. Is there any other way to do it?

Currently, no… but it should be trivial to include a parameter, “ignorePassword” or something like that… that would simply continue using the old password, feel free to provide a patch :slight_smile:

Morten

If the community feels both these cases are general enough to be included in DHIS, we would like to submit patches in case this functionality is not available.

Thanks,

Mahendra

ThoughtWorks

Hi

We don’t provide any web-api service for directly disabling a user, but you can update the user with userCredentials.disabled = true, which will disallow the user to login.

···


Morten

On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Thanks! We are running into foreign key issues when we are trying to delete a user. Could you please point us to the API with which we can disable the user?

On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

That code is located in AbstractCrudController


Morten

On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

Thank you for the prompt reply.

I don’t see any code (in trunk) in UserController.java that supports the delete functionality. Could you please tell us when should we expect to have this in trunk?

We will submit a patch for point 2 ASAP.

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

  1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to /api/users/UID in 2.15, be aware that there might be some foreign keys etc getting in the way, so another solution might be to disable the user

  1. We want “admin” user to update the details of other users using the API. Currently it requires the password of the user which is getting updated. Without the user’s password, “admin” can’t do an update. Is there any other way to do it?

Currently, no… but it should be trivial to include a parameter, “ignorePassword” or something like that… that would simply continue using the old password, feel free to provide a patch :slight_smile:

Morten

If the community feels both these cases are general enough to be included in DHIS, we would like to submit patches in case this functionality is not available.

Thanks,

Mahendra

ThoughtWorks

This should now be fixed in rev 14867.

···


Morten

On Mon, Apr 14, 2014 at 8:02 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

We are trying to disable the user using PUT on /api/users/{id}. But when we are doing a HTTP GET on the user, we are not able to see the updated value. We debugged the code, but got lost somewhere at DefaultIdentifiableObjectImporter.reattachField(). Could you please help us out?

The JSON payload that we are sending is as follows.

{

“name”: “Name Name”,

“surname”: “Name”,

“firstName”: “Name”,

“email”: "name.name@email.org",

“organisationUnits”: [

{

“name”: “org”,

“id”: “company_0”

}

],

“userCredentials”: {

“username”: "name.name@email.org",

“userAuthorityGroups”: [

{

“name”: “HQ”,

“id”: “hq”

}

],

“selfRegistered”: false,

“password”: “Password1”,

“disabled”: true

},

“id”: “nWSreYohGrM”

}

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 2:05 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

Hi

We don’t provide any web-api service for directly disabling a user, but you can update the user with userCredentials.disabled = true, which will disallow the user to login.


Morten

On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Thanks! We are running into foreign key issues when we are trying to delete a user. Could you please point us to the API with which we can disable the user?

On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

That code is located in AbstractCrudController


Morten

On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

Thank you for the prompt reply.

I don’t see any code (in trunk) in UserController.java that supports the delete functionality. Could you please tell us when should we expect to have this in trunk?

We will submit a patch for point 2 ASAP.

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

  1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to /api/users/UID in 2.15, be aware that there might be some foreign keys etc getting in the way, so another solution might be to disable the user

  1. We want “admin” user to update the details of other users using the API. Currently it requires the password of the user which is getting updated. Without the user’s password, “admin” can’t do an update. Is there any other way to do it?

Currently, no… but it should be trivial to include a parameter, “ignorePassword” or something like that… that would simply continue using the old password, feel free to provide a patch :slight_smile:

Morten

If the community feels both these cases are general enough to be included in DHIS, we would like to submit patches in case this functionality is not available.

Thanks,

Mahendra

ThoughtWorks

What values are you trying to change? It’s working fine here… Tested with disabled etc

···

On Tue, Apr 15, 2014 at 1:13 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

This should now be fixed in rev 14867.


Morten

On Mon, Apr 14, 2014 at 8:02 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

We are trying to disable the user using PUT on /api/users/{id}. But when we are doing a HTTP GET on the user, we are not able to see the updated value. We debugged the code, but got lost somewhere at DefaultIdentifiableObjectImporter.reattachField(). Could you please help us out?

The JSON payload that we are sending is as follows.

{

“name”: “Name Name”,

“surname”: “Name”,

“firstName”: “Name”,

“email”: "name.name@email.org",

“organisationUnits”: [

{

“name”: “org”,

“id”: “company_0”

}

],

“userCredentials”: {

“username”: "name.name@email.org",

“userAuthorityGroups”: [

{

“name”: “HQ”,

“id”: “hq”

}

],

“selfRegistered”: false,

“password”: “Password1”,

“disabled”: true

},

“id”: “nWSreYohGrM”

}

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 2:05 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

Hi

We don’t provide any web-api service for directly disabling a user, but you can update the user with userCredentials.disabled = true, which will disallow the user to login.


Morten

On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Thanks! We are running into foreign key issues when we are trying to delete a user. Could you please point us to the API with which we can disable the user?

On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

That code is located in AbstractCrudController


Morten

On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

Thank you for the prompt reply.

I don’t see any code (in trunk) in UserController.java that supports the delete functionality. Could you please tell us when should we expect to have this in trunk?

We will submit a patch for point 2 ASAP.

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

  1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to /api/users/UID in 2.15, be aware that there might be some foreign keys etc getting in the way, so another solution might be to disable the user

  1. We want “admin” user to update the details of other users using the API. Currently it requires the password of the user which is getting updated. Without the user’s password, “admin” can’t do an update. Is there any other way to do it?

Currently, no… but it should be trivial to include a parameter, “ignorePassword” or something like that… that would simply continue using the old password, feel free to provide a patch :slight_smile:

Morten

If the community feels both these cases are general enough to be included in DHIS, we would like to submit patches in case this functionality is not available.

Thanks,

Mahendra

ThoughtWorks

Great :slight_smile:

···


Morten

On Tue, Apr 15, 2014 at 4:26 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Its working! :slight_smile:
There was some issue with the DHIS build. It was picking up the old war file all this time.

Thanks a ton!

On Tue, Apr 15, 2014 at 2:24 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

What values are you trying to change? It’s working fine here… Tested with disabled etc

On Apr 15, 2014 3:30 PM, “Mahendra Kariya” mahendra.kariya@thoughtworks.com wrote:

Sorry Morten. This is not working.

After line 585 in DefaultIdentifiableObjectImporter is executed successfully, the values in the expression ((User) persistedObject).getUserCredentials() are not changing.

Thanks,

Mahendra

ThoughtWorks

On Tue, Apr 15, 2014 at 1:13 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

This should now be fixed in rev 14867.


Morten

On Mon, Apr 14, 2014 at 8:02 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

We are trying to disable the user using PUT on /api/users/{id}. But when we are doing a HTTP GET on the user, we are not able to see the updated value. We debugged the code, but got lost somewhere at DefaultIdentifiableObjectImporter.reattachField(). Could you please help us out?

The JSON payload that we are sending is as follows.

{

“name”: “Name Name”,

“surname”: “Name”,

“firstName”: “Name”,

“email”: "name.name@email.org",

“organisationUnits”: [

{

“name”: “org”,

“id”: “company_0”

}

],

“userCredentials”: {

“username”: "name.name@email.org",

“userAuthorityGroups”: [

{

“name”: “HQ”,

“id”: “hq”

}

],

“selfRegistered”: false,

“password”: “Password1”,

“disabled”: true

},

“id”: “nWSreYohGrM”

}

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 2:05 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

Hi

We don’t provide any web-api service for directly disabling a user, but you can update the user with userCredentials.disabled = true, which will disallow the user to login.


Morten

On Mon, Apr 14, 2014 at 3:30 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Thanks! We are running into foreign key issues when we are trying to delete a user. Could you please point us to the API with which we can disable the user?

On Mon, Apr 14, 2014 at 1:39 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

That code is located in AbstractCrudController


Morten

On Mon, Apr 14, 2014 at 3:05 PM, Mahendra Kariya mahendra.kariya@thoughtworks.com wrote:

Hi Morten,

Thank you for the prompt reply.

I don’t see any code (in trunk) in UserController.java that supports the delete functionality. Could you please tell us when should we expect to have this in trunk?

We will submit a patch for point 2 ASAP.

Thanks,

Mahendra

ThoughtWorks

On Mon, Apr 14, 2014 at 12:57 PM, Morten Olav Hansen mortenoh@gmail.com wrote:

  1. Is there an any way to delete a user using the API?

You should be able to delete a user by doing a DELETE request to /api/users/UID in 2.15, be aware that there might be some foreign keys etc getting in the way, so another solution might be to disable the user

  1. We want “admin” user to update the details of other users using the API. Currently it requires the password of the user which is getting updated. Without the user’s password, “admin” can’t do an update. Is there any other way to do it?

Currently, no… but it should be trivial to include a parameter, “ignorePassword” or something like that… that would simply continue using the old password, feel free to provide a patch :slight_smile:

Morten

If the community feels both these cases are general enough to be included in DHIS, we would like to submit patches in case this functionality is not available.

Thanks,

Mahendra

ThoughtWorks