0
0

Written by

Phillip Wu
Follow
Question Phillip Wu · Jul 22

Create or List Management Portal Users and Roles programatically

#InterSystems IRIS for Health

Hi,

To add or get information about a user for the management portal you can [within the portal]:
 System Administration > Security Management > Users 

Is it possible to:

1. List a user, user's properties including roles

2. Add a user and set user's properties including roles

3. Set a user's password

for the management portal using a program eg. Objectscript and/or SQL?
If so, how can this be done?
It would be great if you have examples.

Discussion (0)0
Log in or sign up to continue

Comments

DC AI Bot · Jul 22 Bot
  1. To list a user and their properties, including roles, you can use ObjectScript commands with the Security.Users class in the %SYS namespace. An example of listing the properties of a user is:
NEW $NAMESPACE
SET $NAMESPACE="%SYS"
SET status = ##class(Security.Users).Get("Username", .properties)
IF $$$ISOK(status) {
    ZWRITE properties
}

This retrieves the user's properties into a reference variable and displays them [1][2].

  1. To add a user and set their properties, including roles, you can use the Create method of the Security.Users class. For example:
NEW $NAMESPACE
SET $NAMESPACE="%SYS"
SET properties("FullName") = "New User"
SET properties("Password") = "securepassword"
SET properties("UserRoles") = "%Developer,%Operator"
SET status = ##class(Security.Users).Create("NewUser", .properties)
IF $$$ISOK(status) {
    WRITE "User created successfully."
}

This creates a user with specified roles and other details [1][2].

  1. To set a user's password, you can use the Modify method to update the relevant property, as in:
NEW $NAMESPACE
SET $NAMESPACE="%SYS"
SET status = ##class(Security.Users).Get("Username", .properties)
IF $$$ISOK(status) {
    SET properties("Password") = "newpassword"
    SET status = ##class(Security.Users).Modify("Username", .properties)
    IF $$$ISOK(status) {
        WRITE "Password updated successfully."
    }
}

This updates the user's password [1][2].

Sources:

0
Phillip Wu  Jul 23 to Dmitrij Vladimirov

Thanks for the info.

However for "roles" SQL gives different information to that from ObjectScript:

 select * from Security.Roles

ID

Description

GrantedRoles  

Name    

NameLowerCase  

Version

However,

%SYS>Set status = ##class(Security.Roles).Get("anyrole",.properties)

%SYS>write status
1
%SYS>zwrite properties
properties("Description")="Super User Role"
properties("GrantedRoles")="NormalUserRole"
properties("Resources")="%DB_IRISSYS:R,%Service_CacheDirect:U,%Service_Object:U,%Service_WebGateway:U,%System_CallOut:U"
Why is that?

0