Tweet
Good day,
i have been trying to create new users using an API call.
To achieve this, I wrote an extension with basically two files
1. application/Espo/Custom/Acl/User.php
and 2. application/Espo/Resources/metadata/scopes/User.json
I could then assign the "create" permission to a new role and assign this role to a user (and respectively an api user).
However, even in the front-end I cannot create a new user with a non-admin user, having the appropriate role. I can access the form to create a new user, however, I cannot assign either a username, a role or a team (see attached figure).
A call to the REST-API yields a "400 Bad Request" error with "X-Status-Reason →Not valid data. Field: 'userName', type: required.".
My request body looks like this:
Unfortunately my logging does not seem to work properly, that is why I cannot track the incoming request.
Does anybody have an idea, why this approach does not work or where I can find access permissions for the userName field?
Best wishes and many thanks in advance
Simon
i have been trying to create new users using an API call.
To achieve this, I wrote an extension with basically two files
1. application/Espo/Custom/Acl/User.php
PHP Code:
<?php
namespace Espo\Custom\Acl;
use \Espo\Entities\User as EntityUser;
use \Espo\ORM\Entity;
class User extends \Espo\Core\Acl\Base {
public function checkEntityCreate(EntityUser $user, Entity $entity, $data) {
return $this->checkEntity($user, $entity, $data, 'create');
}
}
?>
Code:
{
"entity": true,
"layouts": true,
"tab": true,
"acl": true,
"aclActionList": ["create", "read", "edit"],
"aclActionLevelListMap": {
"edit": ["all", "own", "no"]
},
"customizable": true,
"object": true
}
However, even in the front-end I cannot create a new user with a non-admin user, having the appropriate role. I can access the form to create a new user, however, I cannot assign either a username, a role or a team (see attached figure).
A call to the REST-API yields a "400 Bad Request" error with "X-Status-Reason →Not valid data. Field: 'userName', type: required.".
My request body looks like this:
Code:
{
"type": "regular",
"firstName": "fasd",
"lastName": "fdasd",
"isActive": true,
"isSuperAdmin": false,
"teams": {
"teamsIds": []
},
"gender": "",
"userName": "mustermann3",
"salutationName": "Ms.",
"password": "1qay",
"passwordPreview": "",
"passwordConfirm": "1qay",
"title": null,
"emailAddressData": [],
"emailAddress": null,
"emailAddressIsOptedOut": null,
"phoneNumberData": [],
"phoneNumber": null,
"phoneNumberIsOptedOut": null,
"defaultTeamName": null,
"defaultTeamId": null,
"rolesIds": [],
"rolesNames": {},
"teamsIds": [],
"teamsNames": {},
"teamsColumns": {}
}
Does anybody have an idea, why this approach does not work or where I can find access permissions for the userName field?
Best wishes and many thanks in advance
Simon