The User endpoint allows you to manage the users in Open-AudIT.
A user entry can be created using the web interface if the current user logged in has a role that contains the user::create permission. Go to menu: Manage -> Users -> Create Users. Also can be created from the Users View, using the "Create" button.
To add a new user to Open-AudIT you have to provide the details of that person, assign the organization, select the relevant Roles (multiple roles can be selected), select if the user is active or not, etc. In addition, you must grand permission to that user to access one or more organisations. It is important to notice that selecting a parent organization will automatically provide access to its children.
Go to menu: Manage-> Users -> List Users.
The schema for the database is below. It can also be found in the application if the user has database::read permission by going to menu: Manage -> Database -> List, then clicking on the "users" table.
CREATE TABLE `users` ( `id` int(10) unsigned NOT NULL AUTO_INCREMENT, `name` varchar(200) NOT NULL, `org_id` int(10) unsigned NOT NULL DEFAULT '1', `password` varchar(250) NOT NULL, `full_name` varchar(100) NOT NULL, `email` varchar(100) NOT NULL, `roles` text NOT NULL, `orgs` text NOT NULL, `lang` enum('de','en','es','fr','pt-br') NOT NULL DEFAULT 'en', `active` varchar(1) NOT NULL DEFAULT 'y', `ldap` text NOT NULL, `edited_by` varchar(200) NOT NULL DEFAULT '', `edited_date` datetime NOT NULL DEFAULT '2000-01-01 00:00:00', PRIMARY KEY (`id`), KEY `user_id_index` (`id`) ) ENGINE=InnoDB AUTO_INCREMENT=5 DEFAULT CHARSET=utf8; |
A typical entry looks as below.
id: 1 name: admin org_id: 1 password: 0ab0a153e5bbcd80c50a02da8c97f3c87686eb8512f5457d30e328d2d4448c8968e9f4875c2eb61356197b851dd33f90658b20b32139233b217be54d903ca3b6 full_name: Administrator email: admin@openaudit roles: ["admin","org_admin"] orgs: [1] lang: en active: y ldap: edited_by: edited_date: 2000-01-01 00:00:00 |
You can access the /users collection using the normal Open-AudIT JSON based API. Just like any other collection. Please see the API documentation for further details.
Access is provided as part of a roles permissions. Users is a standard resource and can have create, read, update and delete permissions.
The API routes below are usable from both a JSON Restful API and the web interface. The Web application routes are specifically designed to be called from the web interface (a browser).
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes | Example Response |
---|---|---|---|---|---|---|---|
POST | n | create | users::create | /users | Insert a new user entry. | users_create.json | |
GET | y | read | users::read | /users/{id} | Returns a user details. | users_read.json | |
PATCH | y | update | users::update | /users/{id} | Update an attribute of a user entry. | users_update.json | |
DELETE | y | delete | users::delete | /users/{id} | Delete a user entry. | users_delete.json | |
GET | n | collection | users::read | /users | Returns a list of users. | users_collection.json |
Request Method | ID | Action | Resulting Function | Permission Required | URL Example | Notes |
---|---|---|---|---|---|---|
GET | n | create | create_form | users::create | /users/create | Displays a standard web form for submission to POST /users. |
GET | y | update | update_form | users::update | /users/{id}/update | Show the user details with the option to update attributes using PATCH to /users/{id} |