Versions Compared

Version Old Version 104 New Version Current
Changes made by

Stefan Spiegel

Devin Hebert

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Updated URLs via script

...

Table of Content Zone

Table of Contents

Configuration

The new user importer tool is completely configured via Org NavPage /wiki/spaces/CMD/pages/5432397461. (Page attributes, NOT Link attributes).  It is available as of 3.4.0.

App.Config

Core.UserImporterInterval - (in min) set the interval to run the automatic user importer thread. Default: 15 min (3.9.0+: 120min). Only used if AUTO-USER-IMPORT is enabled.

NavPage Attributes

There are new attributes used to configure the User Importer for an organization:

...

"System.Customer.UserImportExpireInitialPassword" -  Optional attribute.   A boolean to configure if the initial password needs to be immediately force changed.  True will force change the password on first login. To make ForcePasswordChange (or expire initial password) work, the following 2 NavPage attributes System.Security.PasswordExpiry.ExpiryDuration and System.Security.PasswordExpiry.ExpiryWarningDuration must be configured (see Attribute Definitions for details).

.


System.Customer.

UserImportUsePasswordOnCreate

System.Customer.

UserImportUseRandomPasswordIfNotProvided

Translation Mapping CSV Column to Password exists?

Predicate exist in UserImportNewUserPasswordFormat?

(a Predicate mandates the existence of a Translation Mapping Column from CSV to Password)

Action
falsefalsefalseTruecreate user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, don't create user and log error (but continue CSV file processing) (so if no password format is provided, will an error be logged for each user?)
falsefalsetrueTrue

create user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, don't create user and log error (but continue CSV file processing).

Note: It doesn't matter whether a password is provided or is empty/white spaces - the behaviour is the same. (you could represent this with one row in this table and "n/a" for the translation column).

falsetruefalseTrue

create user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, create user with random password (Guid)

Note: It doesn't matter whether a password is provided or is empty/white spaces - the behaviour is the same.

falsetruetrueTrue

create user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, create user with random password (Guid)

Note: It doesn't matter whether a password is provided or is empty/white spaces - the behaviour is the same.

truefalsefalseTruecreate user via password field in CSV (provided it meets the complexity requirements), build if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, don't create user and log error (but continue with CSV file processing)
truefalsetrueTrue

pwd provided: create user with provided password

pwd empty/white spaces: create user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, don't create user and log error (but continue with CSV file processing)

truetruefalseTruecreate user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, create user with random password (Guid)
truetruetrueTrue

pwd provided: create user with provided password

pwd empty/white spaces: create user via password format, if enabled via System.Customer.UserImportNewUserPasswordFormat. Otherwise, create user with random password (Guid)

...

"System.Customer.UserImporterRankOrgProfileFieldName" - Mandatory attribute for RankBasedValuesByRank.json Stores the name of the "Rank" OrgProfile field for the org (E.g. "Rank" for Carnival, "Job Description" for BCF).

"System.Customer.UserImporterRankBasedValuesByRank" - Mandatory attribute for RankBasedValuesByRank.json This is a JSON value which maps ranks to sets of profile field values for those ranks (previously was Customer.CUK.RankBasedValuesByRank)

  • see 2016.07.07 - RankBasedValuesByRank.json for an example
  • Upload the specific JSON file via "File Upload" tool on /pages/dev for mapping purpose, and the location of the upload file will be in directory \CoreWebTemporaryUpload\
  • To update (or create) these values in a live system you will need access to the live server as well as a super admin for that page. Once you have that, from the Client tool on /pages/dev usage is:
                             CreateOrUpdateNavPageAttributeFromFile "/Root/Carnival/CCL/-File/templates/HomePage.cshtml" System.Customer.UserImporterRankBasedValuesByRank CarnivalRanks.json
    • The JSON file will be exported or imported from D:\MarineLMS\Carnival\CoreWebTemporaryUpload\

Customer Specific Attributes

CMG

"System.Customer.CMG.UserImportSourceToOperatingLineMapping" - Mandatory attribute for CMGUserImporter.  Maps the import source in CMG files to an Operating line.  Current configuration as of 3.7.0 is “Import Source=Operating Line:CST_MISTRAL=Costa,AID_MISTRAL=AIDA,CST_NAMES1=Costa,AID_LOGA=AIDA”

...

// Generic User Import File Field Names (keys for dictionary)
private const string DeactivateUserKey = "Deactivate (X)";
private const string OrgPathKey = "OrgPath";
private const string OrgLoginKey = "OrgLoginID";
private const string LoginKey = "LoginID";   //This can be UserName or EmailAddress
private const string PasswordKey = "Password";
private const string FirstNameKey = "FirstName";
private const string LastNameKey = "LastName";
private const string EmailAddressKey = "EmailAddress";
private const string ContactEmailKey = "ContactEmail";
private const string CanViewReportsKey = "CanViewReports";
private const string ForcePasswordChangeKey = "ForcePasswordChange";

NoteNotes

  • OrgProfileFields are grabbed from that organization's repository, so the CSV header name must match the OrgProfileField DB Key (e.g. Vessel, Role, etc...), otherwise that column will be ignored (as the importer won't know what to do with it)

Example of a configured org:

  • To make ForcePasswordChange work, the following 2 NavPage attributes System.Security.PasswordExpiry.ExpiryDuration and System.Security.PasswordExpiry.ExpiryWarningDuration must be configured (see Attribute Definitions for details).

Example of a configured org:

Example CSV:

Default CSV Format:

Note: Order does not matter.

...

Deactivate (X): The first column indicates whether a user should be deleted (D) or deactivated (X). Leave empty to create/update and activate the user
OrgPath: is optional if no OrgLoginId has been set. Add user to this organization
OrgLoginId: is optional if LoginId has been set. Don't update if empty. Used as a secondary look up key to find an existing user (if LoginId is empty)
LoginId: can be user name or email address. Optional if OrgLoginId has been set. Used as a primary look up key to find an existing user
Password: if the user already exists and left empty - the password is not updated
FirstName: will not be updated if empty
LastName: will not be updated if empty
EmailAddress: will not be updated if empty
ContactEmail: will not be updated if empty
CanViewReports: 'True' or 'False'. Anything not 'True' (e.g. empty) for new users will be interpreted as 'False'. For updates, will not be updated if not 'True' or 'False'.
ForcePasswordChange: 'True' or 'False'. Anything not 'True' (e.g. empty) for new users will be interpreted as 'False'. For updates, will not be updated if not 'True' or 'False'.
OrgProfileFieldName: all active OrgProfileFieldNames

Notes:

...

  • The importer NEEDS that the headers are in the file.  The user importer uses the first line of the CSV to create it's mapping to the DB.  If the keys in the CSV do not match the keys in the previous section, then a mapping must be added to the translation attribute (also above).

...

  • Default Passwords - currently uses the user guid. force change is true for newly created user unless a password is specified in the file or the attribute.  Passwords will never update for existing users.

Creating a New User VS Updating an Existing User

The order of priority for finding an existing user is as follows. If a different implementation is required, it must use a custom integration (see next section):

...

3) Email - If an email is found, but doesn't match the OrgLoginID, an error is generated.

Default Existing User check:


Auto User Importer (via background thread)

To enable auto user import the following 3 NavPage attributes must be configured:

...

  1. If it is a zip file, it is extracted.
  2. The CSV file is processed (users are imported)
  3. The zip/CSV file is moved to the configured directory (set by the attribute: System.Customer.UserImportBackupFilePath) for historical purposes.
  4. An email is sent reporting success/warnings/errors to email addresses configured by the attribute: System.Customer.UserImportEmailNotification.
  5. The backed up zip/csv file from (3) is deleted after 7 days, unless configured otherwise in the App.Config.

Manual User Importer

The new user importer can be manually used via Core client command importUsers or pages/dev Upload User tab. If no order is specified (as per above) default order is assumed.

...

importUsers /Root/Moran "c:\test\newusers.csv" true truetrue 

Note: If ImportUsers does not work, try ImportUser

New User Importer

The current user importer is less flexible than we would like it to be and some functions like sanitization requires external Powershell preprocessing of a user csv file. In order to have a better set of features we have decided to implement the user importer from scratch.

The current specification of the new user importer can be found at https://docs.google.com/document/d/1hfPRyPDzbaCiTgTM6BCOzVPCOn31l5oFXEF_hjmQ3qs/edit