Forum Discussion

jdbrownl's avatar
jdbrownl
Guide
13 years ago

Setting group via REST for multiple community members

I need to set the group membership for the staff of my organization and of course remove it when someone leaves the organization.  It's important to us that comments by staff members are shown as suc...
xorrkaz's avatar
xorrkaz
Genius
13 years ago

We do a lot of off-box scripting of Lithium (mainly in PHP 5.x), and what you want sounds rather doable.  We use SSO, too, but we had Li setup some local users for us for REST access.  I assume you mean you're looking to do role assignment as opposed to groups?  If so, this code may help you.  While I pride myself on knowing quite a few languages, C# is not one of them.  Hopefully this PHP code will make sense (if only as pseudo-code).

 

/* 
 * Authenticate the REST API session
 * $this->param['h'] is the Lithium community URL
 * $this->param['u2'] is the Li username authorized to use REST (local user that doesn't go through SSO)
 * $this->param['p2'] is the password of the Li user
 */
        function getCookie() {
                if ($this->wsCookie) return $this->wsCookie;

                $url = $this->param['h'] . '/restapi/vc/authentication/sessions/login';
                $p = array('authentication' =>
                        array(
                              'post' =>
                                  array('user.login'    => $this->param['u2'],
                                        'user.password' => $this->param['p2']),
                                        'get' => array('xslt'=>'json.xsl'));
                $res = $this->fetchURL($url, $p);
                $raw = json_decode($res, true);
                if ($raw) {
                        $this->wsCookie = $raw['response']['value']['$'];
                if ($raw) {
                        $this->wsCookie = $raw['response']['value']['$'];
                        return $this->wsCookie;
                }
                return false;
        }

/*
 * Assign a user to a role.
 * User is specified as either id/ID or login/LOGIN
 * Role is specified either as name/NAME or id/ID
 */
function assignUserToRole($user, $role) {
    $url = $this->param['h'] . '/roles/' . $role . '/users/add';

    $p = $this->default_params;
    $p['post']['role.user'] = $user;

    $raw = $this->getREST($url, $p);

    return ($raw === NULL) ? false : true;
}

/*
 * Remove a user from a role.
 * User is specified as either id/ID or login/LOGIN
 * Role is specified either as name/NAME or id/ID
 */
function removeUserFromRole($user, $role) {
    $url = $this->param['h'] . '/roles/' . $role . '/users/remove';

    $p = $this->default_params;
    $p['post']['role.user'] = $user;

    $raw = $this->getREST($url, $p);

    return ($raw === NULL) ? false : true;
}

 

So, if you had a role, say Employee, a user Bob that needed to be added, and  a user Alice that needed to be removed, the code would end up calling:

 

POST http://community.example.com/restapi/vc/roles/name/Employee/users/add?xslt=json.xsl

role.user=login/Bob

 

POST http://community.example.com/restapi/vc/roles/name/Employee/users/remove?xslt=json.xsl

role.user=login/Alice