The User Management system application provides some integration points for APS applications as considered here.
In this document:
There are two main parts to manage users in the platform:
There are typical operations to provide and configure services for users that an application can integrate with:
The User Management application exposes the following placeholders for plugging views and view-plugins of other APS applications:
| PLACEHOLDER | View Type | Purpose |
|---|---|---|
http://www.aps-standard.org/ui/service/suwizard.new/2 |
View | Assign service during user creation |
http://www.parallels.com/ccp-users#usersview |
View-plugin | Service information in the list of users |
http://www.parallels.com/ccp-users#userInfo |
View-plugin | Service management in user profile |
Note
To plug into a User Management placeholder, the corresponding APS type must implement the APS core user service type. This implementation also adds a strong relation with the APS core user type.
Generally, an APS application is integrated with the User Management through the following steps.
In metadata, declare navigation trees separately for the integrated views (using the <view> </view> pair) and for view-plugins (using the <view-plugin> </view-plugin> pair), like in this example:
<navigation id="suwizard">
<view id="addUserService" label="Add VPS"
src="ui/addUserService.js">
<plugs-to id="http://www.aps-standard.org/ui/service/suwizard.new/2" />
</view>
</navigation>
<navigation id="plugins">
<view-plugin id="vpsUserListPlugin" src="ui/plugins/vpsUserListPlugin.js">
<plugs-to id="http://www.parallels.com/ccp-users#usersview" />
</view-plugin>
<view-plugin id="vpsUserPlugin"
src="ui/plugins/vpsUserPlugin.js">
<plugs-to id="http://www.parallels.com/ccp-users#userInfo" />
</view-plugin>
</navigation>
Each view or view-plugin that is going to use the Business API to interact with the User Management must declare the special placeholder to make the respective system module plug to this placeholder:
<plugin-placeholder id=“http://www.aps-standard.org/core/package#biz" />
To comply with the requirements to the APS type, the latter must implement the APS core user service type to have a relation with the APS core user type. Declare it using the PHP runtime as in the following example:
/**
* @type("http://aps-standard.org/samples/suwizard1p/vps/1.0")
* @implements("http://aps-standard.org/types/core/user/service/1.0")
*/
class vps extends APS\ResourceBase {
...
}
or directly in the *.schema file:
"implements": [
"http://aps-standard.org/types/core/user/service/1.0"
],
In the plugged JavaScript sources, define the methods that the User Management application calls when executing its own operations. The methods are described in this document.
Take into account the following mechanisms of assigning permissions for a user to an assigned service:
referrer role when
operating the assigned service and it is possible to specify explicitly another role (owner or admin) for users
whom the service will be assigned to.referrer role is able
to read the properties of an assigned resource and run the operations defined through the GET verb.
The owner and admin roles are granted all permissions to the resource, its properties, and operations.
Using the access attributes, it is possible to redefine permissions for the roles.As follows from the above, you can provide the following ways for users to manage assigned resources:
referrer role to users
is quite enough. In the User Management demo project, the start and stop operations allow users
to change server state.referrer role directly by means of the
access attributes.
In this case, a user can change resource properties by sending PUT requests or even delete them
by sending DELETE requests.owner role to users by means of the assign object
in the user relation that
links a resource with a user. In this case, you grant the users all permissions unless you do not redefine
them by the access attribute.Role assignment is demonstrated in the optional proof of concepts section of the User Management demo project.