Skip to content

Users

Purpose

Platform 6 user (P6User) enquiry and update.

A collection of methods to list and maintain the users of your Platform 6 instance

A read-only P6User object has the following structure:

Type Name
String email
String firstName
String lastName
String jsonProfile
Map[String:String] properties
List[P6PermissionSet] permissionSetDetails

The read-only P6PermissionSet object has the following structure:

Type Name
String name
String description
List[String] permissions

Additional Instance Permissions

In order for your Platform 6 instance to access the centralized user repository of P6Auth, your Platform 6 Integration definition will require additional permissions.

The required permissions for each method are listed below.

Methods

Binding name: p6.users


Method: P6User associate(String userEmail, List[String] assignedPermissionSetNames, String orgTreePath)

Associates the given user email with your instance. This will send an account activation email to the user allowing them to select a password and login. The assignedPermissionSetNames will be used to assign an initial set of permissions for the associated used and your instance.

The optional orgTreePath argument allows the newly associated user to be automatically assigned to the given path in the instances organisational tree.

Required permissions: [instance]:users=edit

Note

If using the ‘DEV’ infrastructure you must modify the resource property as follows: email.setpassword.url: “https://dev.portal.amalto.com/#/set-password” Otherwise a new user following the activation email link will fail to set an initial password


Method: P6User associate(String userEmail, String ssoConnectionId)

Associates the given new user email with your instance.
This will create a new user with the given email address as though they were created by an auto-provisioning Single Sign On

Required permissions: [instance]:users=edit


Method: P6User disassociate(String userEmail)

Disassociate the given user email from your instance.

Note

If the user is not associated with any other instance following this action, the User is deleted from the central repository.

Required permissions: [instance]:users=edit


Method: P6User remove(String userEmail)

Warning

This requires a super admin level permission as the given user may be associated with other Platform 6 instances other than your own! Consider using disassociate instead.

Required permissions: *:users=delete


Method: boolean exists(String userEmail)

Checks if the given user email is associated with your instance.

Required permissions: [instance]:users=read(“./*”)


Method: P6User get(String userEmail)

Gets the P6User associated with your instance given the user’s email address.

Required permissions: [instance]:users=read(“./*”)


Method: List<P6User> getAll()

Lists all the users associated with your instance.

Required permissions: [instance]:users=read(“./*”)


Method: P6User updatePermissions(String userEmail, List[String] assignedPermissionSetNames)

The permissions supplied via assignedPermissionSetNames will be used to replace all permissions the given user email has for your instance.

Required permissions: [instance]:users=edit


Method: P6User updateProfile(String userEmail, String firstName, String lastName, String jsonProfile, Properties properties)

Required permissions: *:users=edit

Warning

This requires a super admin level permission as the given user may be associated with other Platform 6 instances other than your own!

Examples

// Easy P6USer creation using the tap() method and showing the JSON String format of this object

def user = new P6User().tap {
    email = 'simon.temple+test1@amalto.com'
    firstName = 'Simon'
}

user['lastName'] = 'Temple'

println user
// Listing all P6Users

def lstUsers = p6.users.getAll()
lstUsers.each {
    println "User: $it"
}
// Test a user exists before reading their details
def userEmail = 'simon.temple+test1@amalto.com'
if (p6.users.exists(userEmail)) {
    println p6.users.get(userEmail)
}
// Associating a new user with your instance and assigning them the `InvoiceApprover` permission 

p6.users.associate('simon.temple+dsl@amalto.com',['InvoiceApprover'])
// Disassociate a given user printing their details when complete

println 'Disassociated user: ' + p6.users.disassociate('simon.temple+dsl@amalto.com')
// Update the profile and permissions for user simon.temple

println 'Updated user permissions: ' + p6.users.updatePermissions('simon.temple@amalto.com', ['ApproverDelegate', 'InvoiceApprover'])

println 'Updated user profile: ' + p6.users.updateProfile('simon.temple@amalto.com', 'Simon','Temple', null, ['title':'Mr', 'city':'Exeter', 'random': 'anything!'])

Users DSL via HTTP Endpoints

The Users DSL functions are also available via a pre-built set of HTTP endpoints that can be inspected with Swagger:

Users Endpoints