Khoros Community

Advisor
Advisor

Can you automatically apply a role to a member

I would like the employee role to be assigned to anyone with our domain in their email address.

Has anyone successfully automated the application of a role based on email or any other criteria?

 

0 Kudos
6 Replies 6
Honored Contributor
Honored Contributor

Re: Can you automatically apply a role to a member

@mhock - Yes, you can do some customisation here:

Below is the reference code:

 

 <#if !user.anonymous>
    <#assign userEmail = rest("/users/id/${user.id}/").user  />
  </#if>
  <#list userEmail as getEmail>
      <#assign spiltEmail = getEmail.email?split("@") />
      <#assign getSplittedEmail = spiltEmail[1]?split(".") />
      <#assign SplittedEmail = getSplittedEmail[0] />
  </#list>
    <#assign getUserRole = restadmin("/users/id/${user.id}/roles").roles.role  />
    <#assign rolesA = [] />
   <#list getUserRole as role >
      <#assign rolesA = rolesA + [role.name?js_string] />
   </#list>


 

With the above code, you will get user email and user role, after that use the following query and check if user email contains a particular domain or not.

<#assign addRole = restadmin("/roles/name/[roleName]/users/add?role.user=id/${userID}") />

Please let me know if you have any questions.

Thanks!

Reply
Loading...
Khoros Guru
Khoros Guru

Re: Can you automatically apply a role to a member

As an additional layer of security you would want to assign the role only, if the corporate email in the community profile has also been verified. So only if the following value is true:

<#assign email_verification = rest("/users/self/settings/name/user.email_verified").value />

Otherwise an unverified bogus email ending with the corporate domain could grant malintended visitors access to the staff role.



If you appreciate my efforts, please give me a kudo ↓
Accept as solution to help others find it faster.
Reply
Loading...
Frequent Advisor
Frequent Advisor

Re: Can you automatically apply a role to a member

The above are good solutions.

We do something similar, but because we use SSO we obtain a user profile value representing our Enterprise ID (EID) for each user and then have a bit of an expanded customization to apply/remove various roles via an EID-role mapping list we access within the Admin Console. Fundamentally it is similar to the above code, with some additional customizations to allow us to define additional EIDs-role mappings and remove roles based on EID as well.

Since we know the EID of our internal users, we can apply this role to our employees based on that EID.

We also use this same EID-role mapping to grant access to various customers to beta content and discussions, and other private section by their account EID.

Maybe more complicated an approach than what you need, but it might be useful to think about if you have broader use cases for roles than employees vs everyone else.

Reply
Loading...
Honored Contributor
Honored Contributor

Re: Can you automatically apply a role to a member

We've generally done it via an SSO implementation, which is a bit more of an undertaking, but you can do a lot with it.


Becky Scott
Community Engagement Manager
Cloudera
Reply
Loading...
Advisor
Advisor

Re: Can you automatically apply a role to a member

@Payal @sdodds @lolagoetz @ClaudiusH 

Thank you ALL so much for chiming in.  We have SSO and are a private Community so I will be using this post to see what our development team can produce.

Thanks again and HAPPY Friday!

Melissa

Reply
Loading...
Honored Contributor
Honored Contributor

Re: Can you automatically apply a role to a member

That's awesome, Melissa. There's some config on the Khoros side, too, so
it'll require an engagement with them to get it activated / set up. You
should know that as you're planning.

Becky Scott
Community Engagement Manager
Cloudera
Reply
Loading...