Changes to the class User 2.5
The new User class should be used for user provisioning and retrieving information about users.
Security settings on the user
- The
user rolesspecified on the user are used to limit certainactionsto users owning a certainuser role - The
user groupsspecified on the user indicate to which user groups he/she has access. The type of access is configured on the folder by specifying which user groups haveread accessand which user groups havewrite access.
Changes in database structure and behavior
- Moving users out of the user group container
-
In previous versions, all users were grouped in user groups. The side-effect of this was that you had to access the users via the user groups and that each user had always access to its owning user group.
Starting from SDL Trisoft 9.2.0 , users no longer belong to one user group. So, user groups are just metadata on an user specifying to which user groups the user has access. This also means that an administrator will be able to revoke access rights for every user group from any user.
- Changes in naming
-
SDL LiveContent Architect had various legacy terminology. Starting with the
Web Services 2.5, we made terminology consistent. In order to do this, the element names of some objects are changed.The following table gives an overview of those changes:Object type Old element name New element name Description Field FISHCAPABILITIES FISHUSERROLES The field on the user containing the user roles
- Introducing a display name on the user
-
An user's username and (external) id are mostly unreadable identifiers. Starting from SDL Trisoft 9.2.0 , we have introduced a display name (=
FISHUSERDISPLAYNAME) which can be used by user interfaces to show a more readable name for the user
- Enabling central authentication
-
There are 2 new fields to enable Windows Authentication:
- The
FISHEXTERNALIDfield links the name of the external system (e.g. Windows Authentication) with a SDL LiveContent Architect user - The
FISHUSERTYPEfield indicates whether the user is aninternalSDL LiveContent Architect user with a SDL LiveContent Architect Password OR anexternaluser with an ExternalId
- The
- Introducing the option to enable/disable an user
-
Starting from SDL Trisoft 9.2.0 , an administrator can block an user from logging in by setting the (new)
FISHUSERDISABLEDfield onTRUE.
- Introducing the option to activate/deactivate an user
-
We introduced a new field
FISHOBJECTACTIVEto allow an administrator to deactivate an user. The user has still full access to the SDL LiveContent Architect system, but the field can be used to reduce user lists. Normally, an administrator will deactivate an disabled user, but the 2 fields are not linked.
- Enabling 'My Favorites' folder for each user
-
Starting from SDL Trisoft 9.2.0 , we always create a My Favorites folder during the creation of a new user.
SDL LiveContent Architect password
- The SDL LiveContent Architect password is only used for
internalSDL LiveContent Architect users. Starting from SDL Trisoft 9.2.0 , the password is no longer trimmed when setting the password or during login.
- During validation of a new SDL LiveContent Architect password, the password still needs to be valid according to the Password Complexity rules which are specified in the registry (see Login settings)
- We still use the same proprietary encryption for the password.
Changes in methods
Web Services 2.5 you must use the new User class for user provisioning and retrieving information about user. The API methods work similar to the API calls of Output Format and Baseline:
- The users are uniquely identified using an element name which starts with the prefix
VUSER - The standard
MetadataXML structure (with levelnone) can be used for retrieving or setting fields - The retrieve methods will return an
ishobjectlist xml with objects of typeISHUser<ishobjects> <ishobject ishref="VUSERDDEMEYER" ishtype="ISHUser" ishuserref="362114"> <ishfields> <ishfield name="USERNAME" level="none">ddemeyer</ishfield> <ishfield name="FISHUSERDISPLAYNAME" level="none">Dave De Meyer</ishfield> <ishfield name="CREATED-ON" level="none">22/06/2011 16:56:16</ishfield> <ishfield name="MODIFIED-ON" level="none">24/06/2011 09:31:26</ishfield> <ishfield name="FUSERGROUP" level="none">Qualtiy Assurance, Default Department, System management, Project team, Training Department, Sales Marketing, Research and Development</ishfield> <ishfield name="FISHEXTERNALID" level="none">GLOBAL\ddemeyer</ishfield> <ishfield name="FISHUSERTYPE" level="none">External</ishfield> <ishfield name="FISHEMAIL" level="none">ddemeyer@sdl.com</ishfield> <ishfield name="FISHUSERDISABLED" level="none">No</ishfield> <ishfield name="FISHUSERROLES" level="none">Administrator, Author, Planning, Reviewer, Translator</ishfield> <ishfield name="FISHUSERLANGUAGE" level="none">en</ishfield> <ishfield name="FISHOBJECTACTIVE" level="none" ishvaluetype="element">TRUE</ishfield> </ishfields> </ishobject> <ishobject ishref="VUSERGUEST" ishtype="ISHUser" ishuserref="4483"> <ishfields> <ishfield name="USERNAME" level="none">Guest</ishfield> <ishfield name="FISHUSERDISPLAYNAME" level="none">Guest</ishfield> <ishfield name="CREATED-ON" level="none">22/06/2011 16:56:16</ishfield> <ishfield name="MODIFIED-ON" level="none">24/06/2011 09:31:26</ishfield> <ishfield name="FUSERGROUP" level="none">Default Department</ishfield> <ishfield name="FISHEXTERNALID" level="none"></ishfield> <ishfield name="FISHUSERTYPE" level="none">Internal</ishfield> <ishfield name="FISHEMAIL" level="none"></ishfield> <ishfield name="FISHUSERDISABLED" level="none">No</ishfield> <ishfield name="FISHUSERROLES" level="none">Author, Planning, Reviewer, Translator</ishfield> <ishfield name="FISHUSERLANGUAGE" level="none">en</ishfield> <ishfield name="FISHOBJECTACTIVE" level="none" ishvaluetype="element">TRUE</ishfield> </ishfields> </ishobject> </ishobjects>