API REST - User Manager

PEREZ_OMAR · October 24, 2023, 2:09am

For remote management, we need to create/update new users calling a remote Rest service with request values in json (user, pass)

What are the posible steps to make this functionality?

Endpoints:
Create User, Update User, User Status

wlandgraf · October 24, 2023, 1:44pm

You can create a XData server to do that, and inside the XData method implementations, you call Sphinx regular methods to create user, update user, etc.

PEREZ_OMAR · October 24, 2023, 6:27pm

I create a testing implementation for XData but when I get IUserManager, if it is inside other API (my second xData), Assertion failure - exception is received.

I attached my source code

-------------- sample testing code --------------

unit SSO.Services.ServiceUsersImplementation;

interface

uses
  XData.Server.Module,
  XData.Service.Common,
  SSO.Services.ServiceUsers, SSO.Server.MainComponents;

type // ISSOServiceUsers

  [ServiceImplementation]
  TSSOServiceUsers = class(TInterfacedObject, ISSOServiceUsers)
  private
    function CreateUser(AUser, APass: string): string;
  end;

implementation

uses
  Sphinx.Context, Sphinx.UserManager, Sphinx.Entities;

function TSSOServiceUsers.CreateUser(AUser, APass: string): string;
var
  LContext: Sphinx.Context.ISphinxContext;
  LUsrMgr: Sphinx.UserManager.IUserManager;
  LUser: Sphinx.Entities.TUser;
begin
  { *** Testing xdata second api *** }

  LContext := SSOServerMainComponents.SphinxServer1.CreateContext;
  /// ////////////
  /// next line create exception <<<<<<<<<<<<<<<
  /// "Assertion failure (C:\\Desarrollo\\Delphi Components\\TMS Sphinx\\source\\core\\Sphinx.UserManager.Impl.pas, line 435)"
  LUsrMgr := LContext.UserManager;
  ///
  /// ////////////
  LUser := LUsrMgr.CreateUserInstance;
  LContext.AddOwnership(LUser);
  LUser.Email := 'test@test.com';
  LUser.EmailConfirmed := True;
  LContext.UserManager.CreateUser(LUser, '12345');

end;

initialization

RegisterServiceType(TSSOServiceUsers);

end.

wlandgraf · October 25, 2023, 12:34am

Do not create the context from the Sphinx server, as your XData server is another, different server than Sphinx. Instead, use this:

uses Sphinx.Config.CoreOptions, Sphinx.Context.Impl;

...
LContext := TSphinxContext.Create(
  TConfigCoreOptions.Create(SSOServerMainComponents.SphinxServer1.Config),
  TXDataOperationContext.Current.GetConnectionPool);

Alexander_Pastuhov · October 28, 2023, 10:40pm

I think in any real life implementation, some kind of user management will have to be implemented. You guys have all the components for that - both server-side & GUI-side, would you be able to put together a demo showing how it can be done the easiest way, using your components?

At the same time, Group class should probably be made extensible, like the User class is. And there should be some provisions added for access rights management. Even a basic "user" vs. "admin" access differentiation that can be assigned to groups, per Tenant, so that "admin" group members can manage user properties in the same Tenant, but "user" group members cannot.

wlandgraf · October 30, 2023, 6:58pm

It's something that can be provided in a future release, of course. But it's not available right now. And users can do it (with some effort of course), it's not a blocking issue.

Alexander_Pastuhov · October 31, 2023, 2:49am

Not blocking, yes. But for someone not too familiar with your many lines of products, it would be a lot of effort. Maybe you could create a simple demo using your WEB front-end product (or two - I believe you can do this in like 3 different ways at least)...