UM : API Details and Queries

Login, Logout, Change Password, Reset Password API

Application deploys with default 1 admin user with all permission over all data models of user management as well as applications. Admin user can login and create more users and define other roles with capabilities. Admin user can grant ReadWrite, ReadOnly and Hidden permission to the data models. Admin user can give ReadWrite access to the other roles also for creation of roles, capabilities and users.

Default username/Password : Admin/Pass@123

userToken and appName : Requester can provide this values in headers or URL arguments.

Type	API URL	Request	Header	Response	Remark
Login	https://<server>:<port>/fid-Authentication/login	Empty	Authorization: Basic Username : Admin Password : Pass@123	Response <Auth> <Status>Success</Status> <Message>Login Successful</Message> <Token>uqhjrf7ba4qauv7i1551009679429</Token> <Expiry>1551020479429</Expiry> <RoleID>AdminRoleId</RoleID> </Auth>
Logout	https://<server>:<port>/fid-Authentication/logout	Empty	userToken:{{userToken}}	Response <Auth> <Status>Success</Status> <Message>User session ended successfully.</Message> </Auth>
Change Password	http://<server>:<port>/fid-UserManagement	Request <ChangePassword> <userName>Admin</userName> <oldPassword>Pass@123</oldPassword> <password>Jack@123</password> </ChangePassword>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Response <Auth> <Status>Success</Status> <Message>Password changed successfully.</Message> </Auth>	userToken and appName could be given in headers or URL arguments. Change validates old password and new password should follow password policy. Please check password policy under user management section.
Reset Password	http://<server>:<port>/fid-UserManagement	Request <ResetPassword> <userName>Admin</userName> </ResetPassword>	Content-Type:application/xml userToken:{{superUser}} appName:UM	Response <Auth> <Status>Success</Status> <Message>Password reset successfully.</Message> </Auth>	username is required to reset password. Password will set to Pass@123 and auto mail will triggered to the user mail id.

Create User, Role, Capability, Mappings, Permission

Type	API URL	Request	Header	Response	Remark
User	http://<server>:<port>/fid-UserManagement	Request <CreateUser> <firstName>Tony</firstName> <lastName>Stark</lastName> <userName>Stark</userName> <emailId>Stark@gmail.com</emailId> <roleId>OperatorRoleId</roleId> </CreateUser>	userToken:{{userToken}} Content-Type:application/xml appName:UM	Response <Create> <Status> Success </Status> <Message> User Created Successfully </Message> <UserId> udbshj </UserId> </Create>	username should be unique and role associated with Id should be created before creating user.
User Details	http://<server>:<port>/fid-UserManagement	Request <find only="username,firstname, lastname, emailId, roleid"> <User> <username>Admin</username> </User> </find>	userToken:{{userToken}} Content-Type:application/xml appName:UM	Response <Find Status="Success"> <Result> <User> <emailId>kishorekislay007@gmail.com</emailId> <lastName>Admin</lastName> <roleId>AdminRoleId</roleId> <userName>Admin</userName> <firstName>Admin</firstName> </User> </Result> </Find>	Password is encrypted and hidden.
Delete User	http://<server>:<port>/fid-UserManagement	Request <DeleteUser> <username>Tony.Stark</username> </DeleteUser>	userToken:{{userToken}} Content-Type:application/xml appName:UM	Response <Status>User Deleted Successfully</Status>	Username should be provided.
Update User	http://<server>:<port>/fid-UserManagement	Request <Save mode="unsafe"> <User> <username>Tony.Stark</username> <emailId>Stark@gmail.com</emailId> <roleId>OperatorRoleId</roleId> <firstName>Tony</firstName> <lastName>Stark</lastName> </User> </Save>	userToken:{{userToken}} Content-Type:application/xml appName:UM	Update Response	Only admin user should use this query with roleId. As there is ReadWrite access for every Role on User model. Any user can change roleId and make it as AdminRoleId and can access to the application models. So, this query should only be used by admin user.
Role	http://<server>:<port>/fid-UserManagement	Request <Create> <Role> <SysId>OperatorRoleId</SysId> <roleName>Operator</roleName> <description>Operator</description> <createDate>[:$Now():]</createDate> </Role> </Create>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Create Success Response Message	RoleName should be unique.
Role Details	http://<server>:<port>/fid-UserManagement	Request <find> <role> <sysid>AdminRoleId</sysid> </role> </find>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Response <Find Status="Success"> <Result> <Role> <sysId>AdminRoleId</sysId> <roleName>Admin</roleName> <description>Administrator</description> <createDate>1550934717348</createDate> </Role> </Result> </Find>
Delete Role	http://<server>:<port>/fid-UserManagement	Request <DeleteAll> <Role> <sysid eq="OperatorRoleId"/> </Role> </DeleteAll>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Delete Response Message	Ideally we shouldn't delete any role. As, there may be chances that some user with that role is already created. If we are deleting Role then all those users should also be deleted. Also, all mappings related with that role should be deleted from everywhere.
Update Role					There is nothing in role update except for description and there is no use for that anywhere. We shouldn't update Rolename , RoleId etc as these are used in mapping and will effect while creating cache modifiers.
Capability	http://<server>:<port>/fid-UserManagement	Request <Create> <Capability> <SysId> OperatorMonitoringCapability </SysId> <capabilityName> OperatorMonitoringCapability </capabilityName> <description> ReadWrite Capabilities for all roles </description> <createDate>[:$Now():]</createDate> </Capability> </Create>	Content-Type:text/xml userToken:{{userToken}} appName:UM	Create Success Response Message	capabilityName should be unique.
Mappings	http://<server>:<port>/fid-UserManagement	Request <Create> <RoleCapabilityMapping> <SysId>OperatorControlMapping</SysId> <roleId>OperatorRoleId</roleId> <capabilityId>OperatorMonitoringCapability</capabilityId> <permission>ReadWrite</permission> </RoleCapabilityMapping> <CapabilityModelAssociation> <capabilityId>OperatorMonitoringCapability</capabilityId> <associationData>Atomiton.UserManagement.User</associationData> <resolveIndex>1</resolveIndex> <appModel>false</appModel> </CapabilityModelAssociation> </Create> <RoleBasedModelModifiersHTTP> <roleKey>OperatorRoleId</roleKey> </RoleBasedModelModifiersHTTP> <AppModelModifiersHTTP> <roleKey>OperatorRoleId</roleKey> <appName>HelloTQL</appName> </AppModelModifiersHTTP>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Create Success Response Message	RoleBasedModelModifiersHTTP and AppModelModifiersHTTP should be called at end as these macros will create cache modifiers at user management and application. In RoleCapabilityMapping we map role with capability and provide access for that. In CapabilityModelAssociation we map Capability with model. Here we need association data that is fully qualified name for data model. There is 1 macro ListAllModels that lists all models with QName and that is required while mapping. ResolveIndex should default set to 1. AppModel should be set to true only if the datamodel belongs to application else false. If AppModel is true then we need to provide appName for that.
Create RoleTab Mapping	http://<server>:<port>/fid-UserManagement	Request <Create> <RoleMenuTabMapping> <roleID>AdminRoleId</roleID> <menuTabName>UMFunctionality</menuTabName> </RoleMenuTabMapping> </Create>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Create Success Response Message	This model is used for group of tabs that should be visible for the role. This will be used at UI side for displaying tabs after logging in.
Find RoleTab Mapping	http://<server>:<port>/fid-UserManagement	Reuqest <find> <RoleMenuTabMapping> <roleID>AdminRoleId</roleID> </RoleMenuTabMapping> </find>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Response <Find Status="Success"> <Result> <RoleMenuTabMapping> <sysId>NEXSBB23AAAKYHY5WTS6LWLD</sysId> <menuTabName>UMFunctionality</menuTabName> <roleID>AdminRoleId</roleID> </RoleMenuTabMapping> </Result> </Find>	While logging in do find query over RoleMenuTabMapping to get the list of tabs that should be visible for that role.
List All models	http://<server>:<port>/fid-UserManagement	Request <ListAllModels/>	Content-Type:application/xml userToken:{{userToken}} appName:UM	Response with list of all models(Applications + user management) Response <modelsList> <UM> <Data> <Name>UserPasswords</Name> <QName>Atomiton.UserManagement.UserPasswords</QName> </Data> </UM> <HelloTQL> <Data> <Name>HiddenModel</Name> <QName>Atomiton.Sensors.HiddenModel</QName> </Data> </HelloTQL> </modelsList> Here, UM is user management tag and HelloTQL is application tag, HelloTQL is application name and inside that there is Name i.e model name and Qname is fully qualified name i.e used as associationData in mapping.	This will be used for the mapping purpose.

Other Requests

Type	API URL	Request	Header	Response
Application Requests	http://<server>:<port>/fid-UserManagement	Request <find> <RGBModel> <rgbId ne=""/> </RGBModel> </find> <find> <VendorInfo> <vendorId ne=""/> </VendorInfo> </find> <find> <HiddenModel> <Id ne=""/> </HiddenModel> </find>	Content-Type:text/xml userToken:{{userToken}} appName:{{appName}}	Application Request response
UM Requests	http://<server>:<port>/fid-UserManagement	Request <find> <UserPasswords> <sysid ne=""/> </UserPasswords> </find>	Content-Type:application/xml userToken:{{userToken}} appName:UM	User Management Request response