IdmCreateUserState
This AuthState is a processing AuthState.
This plug-in creates a nevisIDM user with the specified user attributes and user scope properties in the specified target unit.
Topic | Description |
---|---|
Class | ch.nevis.idm.authstate.IdmCreateUserState |
Logging | IdmAuth |
Auditing | None |
Marker | NevisIDM:mutation |
Properties | user.attribute. (String, -) Define user attributes. The AuthState knows where to take the attribute input from. Note that every user attribute has to be declared as either optional or mandatory by adding it to the property user.attributes.optional resp. user.attributes.mandatory (see below).The following attributes are allowed: loginId, extId, clientExtId, clientName, firstName, name, remarks, sex, gender (has precedence over sex), birthDate, title, telephone, email, telefax, mobile, addressLine1, addressLine2, postalCode, city, country, language, Street, houseNumber, dwellingNumber, postOfficeBoxNumber, postOfficeBoxText, locality |
user.attributes.mandatory (String, -) Comma-separated list of mandatory user attributes to gather. If the referred input field remains empty, inputMissing transition will be generated. Only attributes that have been defined explicitly with user.attribute.* can be classified as mandatory. | |
user.attributes.optional (String, -) Comma-separated list of optional user attributes to gather. Only attributes that have been defined explicitly with user.atribute.* can be classified as optional. | |
loginIdMode ([auto,email,value], auto) auto: user loginId is automatically generated. loginIdGenerator,enabled=true has to be set in client policy; email: user e-mail attribute is used for loginId. user.attribute.email has to be set; value: user.attribute.loginId has to be set explicitly | |
user.property.* (String, -) Define user scope properties. After the prefix, the name of the user scope property should be set. Example: user.property.USER_SCOPE_PROPERTY | |
user.property.mandatory (String, -) Comma-separated list of mandatory user scope properties to gather. If the input field remains empty, inputMissing transition will be generated. Only properties that have been defined explicitly with user.property.* can be classified as mandatory. | |
user.property.optional (String, -) Comma-separated list of optional user scope properties to gather. Only properties that have been defined explicitly with user.property.* can be classified as optional. | |
targetUnitId (String,-) Mandatory parameter that sets the extId of the unit to which the user’s default profile belongs. It has to be an existing unit extId. | |
loadUser (boolean, false) If set to "true", the extId, loginId, profileExtId, clientExtId and clientName properties of the newly created user object are set in the user DTO and stored in the session. To refresh all properties in the session, the IdmGetPropertiesState AuthState must be called afterwards. | |
Methods | process (all events) |
Input | None |
Transitions | ok: Gathered attributes and user scope properties are stored, transition to AuthDone expected. |
inputMissing: If the input field remains empty, inputMissing transition will be generated. | |
inputInvalid: If the input validation fails, inputInvalid transition will be generated. To display a localized input validation error message, nevisauth litdict (/var/opt/nevisauth/default/conf/LitDict.properties) has to be extended.Currently, the following message key is generated: errors.invalidParameter) | |
clientNotFound: user uses an unsupported client ID or the "default" client ID (see input above) is not available | |
loginIdExists: user with the given loginId exists in the given client | |
emailExists: user with the given e-mail address exists | |
userIdExists: user with the given extId exists | |
Output | None |
Errors | None |
Notes | For the input field GUI elements, use the user.<user_attribute>.label (user.email.label, user.name.label, ...) labels. These are language-dependent labels. |
Example
<AuthState name="TestIdmCreateUser"
class="ch.nevis.idm.authstate.IdmCreateUserState" >
<ResultCond name="ok" next="IdmPostProcessing"/>
<ResultCond name="inputMissing" next="TestIdmCreateUser"/>
<ResultCond name="inputInvalid" next="TestIdmCreateUser"/>
<ResultCond name="loginIdExists" next="TestIdmCreateUser"/>
<ResultCond name="emailExists" next="TestIdmCreateUser"/>
<ResultCond name="userIdExists" next="TestIdmCreateUser"/>
<Response value="AUTH_CONTINUE">
<Gui name="AuthStepupDialog" label="login.setuserprop.label">
<GuiElem name="lasterror" type="error"
label="${notes:lasterrorinfo}" value="${notes:lasterror}"/>
<GuiElem name="errordetail" type="info"
label="${notes:lasterrorinfo}"/>
<GuiElem name="email" type="text" label="user.email.label"
optional="false"/>
<GuiElem name="lastname" type="text"
label="user.lastname.label"
optional="false"/>
<GuiElem name="firstname" type="text"
label="user.firstname.label" optional="false"/>
<GuiElem name="remarks" type="text"
label="user.remarks.label"
optional="false" />
<GuiElem name="addressLine1" type="text"
label="user.addressLine1.label" optional="true"/>
<GuiElem name="postalCode" type="text"
label="user.postalCode.label" optional="true"/>
<GuiElem name="userProperty1" type="text"
label="userProperty1"
optional="false"/>
<GuiElem name="userProperty2" type="text"
label="userProperty2"
optional="true"/>
<GuiElem name="submit" type="button"
label="submit.button.label"
value="continue"/>
</Gui>
</Response>
<property name="user.attributes.mandatory"
value="email,addressLine1,firstName,name"/>
<property name="user.attributes.optional"
value="remarks,postalCode"/>
<property name="user.attribute.email" value="${inargs:email}"/>
<property name="user.attribute.name" value="${inargs:lastname}"/>
<property name="user.attribute.firstName"
value="${inargs:firstname}"/>
<property name="user.attribute.remarks" value="${inargs:remarks}"/>
<property name="user.attribute.addressLine1"
value="${inargs:addressLine1}"/>
<property name="user.attribute.postalCode"
value="${inargs:postalCode}"/>
<property name="user.property.mandatory" value="userProperty1"/>
<property name="user.property.optional" value="userProperty2"/>
<property name="user.property.userProperty1"
value="${inargs:userProperty1}"/>
<property name="user.property.userProperty2"
value="${inargs:userProperty2}"/>
<property name="targetUnitId" value="100"/>
<property name="loginIdMode" value="email"/>
</AuthState>