Ok Maxim.
I checked the tables and confirmed as you said. The "external" user is in
it certainly.
The following is my om_user tables data.
mysql> select firstname,login,password,status,externalUserId from om_user;
+-----------+-------+----------------------------------+--------+-------------------------------------------------+
| firstname | login | password |
status | externalUserId |
+-----------+-------+----------------------------------+--------+-------------------------------------------------+
| firstname | onoke | 5f4dcc3b5aa765d61d8327deb882cf99 | 1 | NULL
|
| ono3 | onoke | d41d8cd98f00b204e9800998ecf8427e | 0 | 1
|
| ono2 | ono2 | 5f4dcc3b5aa765d61d8327deb882cf99 | 1 | 4
|
+-----------+-------+----------------------------------+--------+-------------------------------------------------+
"firstname" is admin, "ono3" is registered by using loginUser(), "ono2" is
registered by using addNewUserWithExternalType().
I think the strict of "external" user is judged from status, right ?
And "ono3"'s login field is as same as admin, dose it correct?
2013/10/28 Maxim Solodovnik <solomax...@gmail.com>
> "external" users are added to the "om_user" database (on the first
> secureHash link use, mean no user is created UNLESS hash is used)
> All users has their private file inaccessible to others
> As soon as files are shared to the room they are accessible by others
>
> Your assumption regarding files seems to be based on some specific steps
> etc.
>
>
>
> On Mon, Oct 28, 2013 at 5:45 PM, 小野圭二 <onoke...@gmail.com> wrote:
>
>> To confirm, the important thing the "external" user difference with
>> "real" one is that need to register into om_user table or not, i guess.
>> In my test, a "external" user dose not need to register in the table.
>> And he has a private file repository in a room.
>> I would like to know what the relation between "external" user and it's
>> private file repository.
>>
>> -Ono
>>
>>
>>
>> 2013/10/28 Maxim Solodovnik <solomax...@gmail.com>
>>
>>> As I understand the current process
>>> "external" users are not temporary, but limited.
>>> 1) they are unable to login via GUI
>>> 2) they are unable to change their password
>>> 3) usually dashboard is not accessible to them.
>>>
>>> Document upload download should work for them as expected
>>>
>>>
>>>
>>> On Mon, Oct 28, 2013 at 3:58 PM, 小野圭二 <onoke...@gmail.com> wrote:
>>>
>>>> Thx Maxim,
>>>>
>>>> I got the user type clearly, maybe.
>>>> So the external users account dose not need to register in OM user
>>>> tables, right?
>>>> It looks like temporally user, dose not it?
>>>> If so, it is right that external user have not document repository.
>>>>
>>>> My understanding is correct?
>>>>
>>>> -Ono
>>>>
>>>>
>>>>
>>>> 2013/10/28 Maxim Solodovnik <solomax...@gmail.com>
>>>>
>>>>> It seems to be misunderstanding (maybe because of my English :( )
>>>>>
>>>>> There are 2 types of the user accounts in OM 2.x:
>>>>> 1) "real" users: users of different types (user, admin, soap) created
>>>>> by admin via OM GUI (Administration->Users menu)
>>>>> 2) external users, users created via REST/SOAP
>>>>>
>>>>> It doesn't really matter if you use REST or SOAP they should act
>>>>> identically
>>>>>
>>>>> Then you call loginUser you performing login by "real" OM user (see
>>>>> above)
>>>>> Then you access OM using secureHash generated you login as
>>>>> externalUser (was created/updated while generating hash)
>>>>>
>>>>> To perform REST/SOAP calls you can use "real" OM user with admin OR
>>>>> soap rights (user with soap rights is unable to login into OM GUI)
>>>>>
>>>>> This is why "all auto login users login with admin account" is not
>>>>> correct
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Oct 28, 2013 at 3:16 PM, 小野圭二 <onoke...@gmail.com> wrote:
>>>>>
>>>>>> I do not use SOAP. Just using REST.
>>>>>> The procedure was the same as you said, but the only difference is at
>>>>>> (2).
>>>>>> Dose "real" user mean ordinary user ?
>>>>>> In fact, REST' loginUser() dose not authorize any ordinary user. So i
>>>>>> use a admin user account.
>>>>>> Cause of it, all auto login users login with admin account. bu-
>>>>>>
>>>>>> -Ono
>>>>>>
>>>>>>
>>>>>> 2013/10/28 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>
>>>>>>> I'm not sure I got your question :(
>>>>>>>
>>>>>>> The actual procedure of using SOAP is:
>>>>>>> *1)* get session ID (not authorized)
>>>>>>> *2)* authorize session using "real" OM user
>>>>>>> NOTE each call will check if rights are sufficient, so you can
>>>>>>> authorize with "user" successfully but will be unable to perform almost
>>>>>>> all
>>>>>>> actions
>>>>>>>
>>>>>>> *3) *generate secureHash for given "external" user.
>>>>>>> It is impossible to login into OM for the external user (no
>>>>>>> password). External user is being debined by following data:
>>>>>>> 1. externalUserType (unique name of your system)
>>>>>>> 2. externalUserId (unique identifier inside "externalUserType"
>>>>>>> system)
>>>>>>> 3. login/email should still be unique inside OM (possibly need to
>>>>>>> be redesigned)
>>>>>>>
>>>>>>> files uploaded into room and not made public only available to the
>>>>>>> user upload them.
>>>>>>> I'm not sure what do you mean bu "cut the room", in case it is
>>>>>>> delete all files are not accessible.
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Oct 28, 2013 at 12:25 PM, 小野圭二 <onoke...@gmail.com> wrote:
>>>>>>>
>>>>>>>> In this case, whose thing dose a upload file belong?
>>>>>>>> From my test, when into room by auto login, for example login with
>>>>>>>> admin but set 'user1' in setUserObjectAndGenerateRoomHash(), both of
>>>>>>>> them
>>>>>>>> have not the upload file.
>>>>>>>> The test procedure as following.
>>>>>>>>
>>>>>>>> 1.do auto login with admin but set 'user1'
>>>>>>>> 2.do upload a file to private folder
>>>>>>>> 3.cut this room instance
>>>>>>>> 4.login with admin from OM login panel
>>>>>>>> but there is not the file in private folder
>>>>>>>> 5.login with 'user1' from OM login panel
>>>>>>>> but there is also not the file in one
>>>>>>>> 6.do 1 agan
>>>>>>>> there is , wow.
>>>>>>>>
>>>>>>>> I am little confusing. ;-)
>>>>>>>>
>>>>>>>> -Ono
>>>>>>>>
>>>>>>>>
>>>>>>>> 2013/10/27 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>>>
>>>>>>>>> Actually you need user with admin or soap level to use soap/rest
>>>>>>>>> API.
>>>>>>>>>
>>>>>>>>> All parameters being set later in setuserobject... method should
>>>>>>>>> be for external user being set (usually joomla, moodle, WordPress
>>>>>>>>> etc. User)
>>>>>>>>> On Oct 26, 2013 11:49 AM, "Jacob C. Gaiski" <jgai...@emich.edu>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> The user requesting the secure hash must have admin permissions
>>>>>>>>>> regardless of the user object attributed to the user.
>>>>>>>>>>
>>>>>>>>>> Attributing an admin user to a user object will grant admin
>>>>>>>>>> permissions, granting anonymous user attributes will grant anonymous
>>>>>>>>>> action.
>>>>>>>>>>
>>>>>>>>>> I'm fairly certain I'm correct. Please correct me if I'm wrong.
>>>>>>>>>>
>>>>>>>>>> On Oct 26, 2013, at 12:40 AM, 小野圭二 <onoke...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> I would like to confirm for auto login procedure.
>>>>>>>>>>
>>>>>>>>>> It seems like the username parameter of loginUser() must be a
>>>>>>>>>> admin account.
>>>>>>>>>> Dose it correct?
>>>>>>>>>> If so, ordinary user (om_user.level_id=1) can not enter into any
>>>>>>>>>> room by auto login.
>>>>>>>>>> The procedure is as following.
>>>>>>>>>> 1.get session data by using getSession()
>>>>>>>>>> 2.login to om by using loginUser() with the admin account
>>>>>>>>>> 3.set user object by using setUserObjectAndGenerateRoomHash().
>>>>>>>>>> 4.then redirect to om with the hash data that get by 3
>>>>>>>>>>
>>>>>>>>>> If using ordinary account at 2, it get error code -26 that is
>>>>>>>>>> mean "need admin role".
>>>>>>>>>> I expect loginUser() can handle a ordinary account.
>>>>>>>>>> Is this spec or bug?
>>>>>>>>>> If it is bug, i try to fix it.
>>>>>>>>>>
>>>>>>>>>> LFR
>>>>>>>>>>
>>>>>>>>>> -Ono
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> 2013/10/26 小野圭二 <onoke...@gmail.com>
>>>>>>>>>>
>>>>>>>>>>> HI Maxim,
>>>>>>>>>>>
>>>>>>>>>>> I have just tried one, and works fine.
>>>>>>>>>>> Great.
>>>>>>>>>>> Many thanks about your suggestion.
>>>>>>>>>>>
>>>>>>>>>>> So, have this procedure been opened where else, that like a wiki
>>>>>>>>>>> and/or tutorial ?
>>>>>>>>>>> I could not find it.
>>>>>>>>>>> If there is not yet, why not i write it on wiki ?
>>>>>>>>>>>
>>>>>>>>>>> -Ono
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> 2013/10/25 小野圭二 <onoke...@gmail.com>
>>>>>>>>>>>
>>>>>>>>>>>> Thank you, Maxim.
>>>>>>>>>>>> I will try it tomorrow. :)
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> 2013/10/25 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>>>>>>>
>>>>>>>>>>>>> Yes
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> On Fri, Oct 25, 2013 at 7:37 PM, 小野圭二 <onoke...@gmail.com>wrote:
>>>>>>>>>>>>>
>>>>>>>>>>>>>> >>you should use URL like this
>>>>>>>>>>>>>> >>http://localhos:5080/openmeetings/?secureHash=<
>>>>>>>>>>>>>> hash_created>&language=1
>>>>>>>>>>>>>> to enter the room
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> Is the "<hash_created>" the value of "<ns:return>" ?
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> <ns:setUserObjectAndGenerateRoomHashResponse xmlns:ns="
>>>>>>>>>>>>>> http://services.axis.openmeetings.apache.org";><ns:return>
>>>>>>>>>>>>>> a8e844da497727d8a0ec1db4447d9d60</ns:return></ns:
>>>>>>>>>>>>>> setUserObjectAndGenerateRoomHashResponse>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> -Ono
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>> 2013/10/25 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> you should use URL like this
>>>>>>>>>>>>>>> http://localhos:5080/openmeetings/?secureHash=<
>>>>>>>>>>>>>>> hash_created>&language=1
>>>>>>>>>>>>>>> to enter the room
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> On Fri, Oct 25, 2013 at 3:37 PM, 小野圭二 <onoke...@gmail.com>wrote:
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> I have made a external user by
>>>>>>>>>>>>>>>> using addNewUserWithExternalType(). It was fine.
>>>>>>>>>>>>>>>> Then auto login, fuum not work on me. I checked it and got
>>>>>>>>>>>>>>>> the return as following.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> <ns:setUserObjectAndGenerateRoomHashResponse xmlns:ns="
>>>>>>>>>>>>>>>> http://services.axis.openmeetings.apache.org
>>>>>>>>>>>>>>>> "><ns:return>a8e844da497727d8a0ec1db4447d9d60</ns:return></ns:setUserObjectAndGenerateRoomHashResponse>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> It seems like containing a hash code. Should i use it to
>>>>>>>>>>>>>>>> redirect process?
>>>>>>>>>>>>>>>> Now i redirect to OM top simply without any query.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> Thx a lot Maxim, very often.
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> -Ono
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>> 2013/10/25 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> The order should be:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> 1) getSession
>>>>>>>>>>>>>>>>> 2) loginUser
>>>>>>>>>>>>>>>>> 3) setUserObject..... NOTE externalUserId and
>>>>>>>>>>>>>>>>> externalUserType are mandatory parameters
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> by loginUser you authorizing your script
>>>>>>>>>>>>>>>>> by setUserObject... you are creating/editing "externaal"
>>>>>>>>>>>>>>>>> user and creating hash for entering the room as this user
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> On Fri, Oct 25, 2013 at 2:41 PM, 小野圭二
>>>>>>>>>>>>>>>>> <onoke...@gmail.com>wrote:
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Thx Maxim,
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> I tried setUserObj...() , but the return was error code
>>>>>>>>>>>>>>>>>> that mean "Admin authorization required".
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> <ns:setUserObjectAndGenerateRoomHashResponse xmlns:ns="
>>>>>>>>>>>>>>>>>> http://services.axis.openmeetings.apache.org
>>>>>>>>>>>>>>>>>> "><ns:return>-26</ns:return></ns:setUserObjectAndGenerateRoomHashResponse>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> This is the REST url that i called.
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> http://localhost:5080/openmeetings/services/UserService/setUserObjectAndGenerateRoomHash?SID=
>>>>>>>>>>>>>>>>>> ".$sessionID."&username=onoke&firstname=ono&lastname=keiji&profilePictureUrl=&email=
>>>>>>>>>>>>>>>>>> o...@net8.co.jp
>>>>>>>>>>>>>>>>>> &externalUserId=&externalUserType=&room_id=3&becomeModeratorAsInt=0&showAudioVideoTestAsInt=0
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> *$sessionID was gotten by getSession()
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> Something lack? :-<
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> -Ono
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>> 2013/10/25 Maxim Solodovnik <solomax...@gmail.com>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> you need to call
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> http://openmeetings.apache.org/UserService.html#setUserObjectAndGenerateRoomHash
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> then redirect to
>>>>>>>>>>>>>>>>>>> http://localhos:5080/openmeetings/?secureHash=
>>>>>>>>>>>>>>>>>>> <hash_created>&language=1
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> On Fri, Oct 25, 2013 at 1:23 PM, 小野圭二 <
>>>>>>>>>>>>>>>>>>> onoke...@gmail.com> wrote:
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Hi,
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Let me know what should i do after loginUser() was
>>>>>>>>>>>>>>>>>>>> success.
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> I am testing loginUser() for auto login from external
>>>>>>>>>>>>>>>>>>>> site.
>>>>>>>>>>>>>>>>>>>> At first, i got a session id by using getSession(),
>>>>>>>>>>>>>>>>>>>> then called loginUser() with setting the session id.
>>>>>>>>>>>>>>>>>>>> So the return was as following.
>>>>>>>>>>>>>>>>>>>> <ns:loginUserResponse xmlns:ns="
>>>>>>>>>>>>>>>>>>>> http://services.axis.openmeetings.apache.org
>>>>>>>>>>>>>>>>>>>> "><ns:return>1</ns:return></ns:loginUserResponse>
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> In the element value was 1. I thought i got a success
>>>>>>>>>>>>>>>>>>>> to auto login as it was positive.
>>>>>>>>>>>>>>>>>>>> Then i redirected to OpenMeetings, but the login combo
>>>>>>>>>>>>>>>>>>>> appeared on it.
>>>>>>>>>>>>>>>>>>>> Are there any wrong procedure on me?
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Thanks in advance.
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>> Ono
>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>>>> WBR
>>>>>>>>>>>>>>>>>>> Maxim aka solomax
>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>>>> WBR
>>>>>>>>>>>>>>>>> Maxim aka solomax
>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>> --
>>>>>>>>>>>>>>> WBR
>>>>>>>>>>>>>>> Maxim aka solomax
>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>>
>>>>>>>>>>>>> --
>>>>>>>>>>>>> WBR
>>>>>>>>>>>>> Maxim aka solomax
>>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> WBR
>>>>>>> Maxim aka solomax
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> WBR
>>>>> Maxim aka solomax
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> WBR
>>> Maxim aka solomax
>>>
>>
>>
>
>
> --
> WBR
> Maxim aka solomax
>
