[Building Sakai] How to create user using Sql Queries
Jehan
jeehaaan at gmail.com
Tue Jun 24 02:29:45 PDT 2014
Dear Steve
It print same error (*UserPermissionException:* e.printStackTrace() )
whether I comment or remove following code for unlocking,
When I print System.out.println(SecurityService.unlock("user.upd.any",
site.getReference())) then it return "*true*" value, its mean locking is
working fine.
/*
if (!SecurityService.isSuperUser(usession.getUserId()) &&
!SecurityService.unlock("user.upd.any", site.getReference())
)
{
System.out.println(" Permission denied. Must be super user for updating a
user in site in which you are not a maintainer.");
return ERROR_LOCK;
}
else
{
*/
UserEdit userEdit = null;
try {
*userEdit = UserDirectoryService.editUser(userid); //here exception is
throwing*
userEdit.setFirstName(decorateStudent.first_name);
userEdit.setLastName(decorateStudent.last_name);
userEdit.setEmail(decorateStudent.email);
userEdit.setPassword(decorateStudent.password);
UserDirectoryService.commitEdit(userEdit);
System.out.println("Successfully updated ");
}
*catch (org.sakaiproject.user.api.UserPermissionException ex)*
* {*
* //UserDirectoryService.cancelEdit(userEdit);*
* e.printStackTrace(); //following exception is printing by this code
fragment*
*
// org.sakaiproject.user.api.User PermissionException user=david
function=user.upd.any resource=/user/stewart1*
* // at
org.sakaiproject.user.impl.BaseUserDirectoryService.unlock( ..............*
* }*
catch (org.sakaiproject.user.api.UserLockedException ex1)
{
UserDirectoryService.cancelEdit(userEdit);
e.printStackTrace();
}
catch (Exception e) {
UserDirectoryService.cancelEdit(userEdit);
e.printStackTrace();
}
return SUCCESS;
//}
On Mon, Jun 23, 2014 at 6:54 PM, Steve Swinsburg <steve.swinsburg at gmail.com>
wrote:
> Can you show your actual code for this piece? I have a feeling your unlock
> isn't being done correctly.
>
> cheers,
> Steve
>
>
> On Mon, Jun 23, 2014 at 7:18 PM, Jehan <jeehaaan at gmail.com> wrote:
>
>> Why I am facing following exception though I have assigned permission
>> user.upd.any to user "david"
>>
>> New user successfully inserting but updation create problem
>>
>> org.sakaiproject.user.api.*UserPermissionException *user=*david *
>> function=*user.upd.any* resource=*/user/stewart1*
>> at
>> org.sakaiproject.user.impl.BaseUserDirectoryService.unlock(BaseUserDi
>> rectoryService.java:270)
>> at
>> org.sakaiproject.user.impl.BaseUserDirectoryService.editUser(BaseUser
>> DirectoryService.java:1085)
>> at
>> org.sakaiproject.user.cover.UserDirectoryService.editUser(UserDirecto
>> ryService.java:156)
>> at
>> org.sakaiproject.tool.qarnet.QarnetTool.CreateUpdateSakaiUser(QarnetT
>> ool.java:3825)
>> at
>> org.sakaiproject.tool.qarnet.QarnetTool.processCreateStudent(QarnetTo
>> ol.java:3760)
>> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>> at
>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
>> java:39)
>> at
>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
>> sorImpl.java:25)
>> at java.lang.reflect.Method.invoke(Method.java:597)
>> at
>> com.sun.faces.el.MethodBindingImpl.invoke(MethodBindingImpl.java:146)
>>
>> at
>> com.sun.faces.application.ActionListenerImpl.processAction(ActionList
>> enerImpl.java:92)
>> at javax.faces.component.UICommand.broadcast(UICommand.java:332)
>> at
>> javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:287)
>>
>> at
>> javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:4
>> 01)
>> at
>> com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicat
>> ionPhase.java:95)
>> at
>> com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:268)
>> at
>> com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:110)
>>
>> at javax.faces.webapp.FacesServlet.service(FacesServlet.java:213)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:305)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:634)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:243)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDisp
>> atcher.java:749)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.processRequest(Applica
>> tionDispatcher.java:487)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationD
>> ispatcher.java:412)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDis
>> patcher.java:339)
>> at
>> org.sakaiproject.tool.qarnet.QarnetFilePickerServlet.dispatch(QarnetF
>> ilePickerServlet.java:158)
>> at org.sakaiproject.jsf.util.JsfTool.doPost(JsfTool.java:256)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:305)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:634)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:243)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDisp
>> atcher.java:749)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.processRequest(Applica
>> tionDispatcher.java:487)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationD
>> ispatcher.java:379)
>> at
>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDis
>> patcher.java:339)
>> at
>> org.sakaiproject.tool.impl.ActiveToolComponent$MyActiveTool.forward(A
>> ctiveToolComponent.java:511)
>> at
>> org.sakaiproject.portal.charon.SkinnableCharonPortal.forwardTool(Skin
>> nableCharonPortal.java:1483)
>> at
>> org.sakaiproject.portal.charon.handlers.ToolHandler.doTool(ToolHandle
>> r.java:213)
>> at
>> org.sakaiproject.portal.charon.handlers.ToolHandler.doGet(ToolHandler
>> .java:96)
>> at
>> org.sakaiproject.portal.charon.handlers.ToolHandler.doPost(ToolHandle
>> r.java:73)
>> at
>> org.sakaiproject.portal.charon.SkinnableCharonPortal.doPost(Skinnable
>> CharonPortal.java:1273)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:305)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.sakaiproject.util.RequestFilter.doFilter(RequestFilter.java:695)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
>> icationFilterChain.java:243)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
>> ilterChain.java:210)
>> at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
>> alve.java:222)
>> at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
>> alve.java:123)
>> at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
>> torBase.java:472)
>> at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
>> ava:171)
>> at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
>> ava:99)
>> at
>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
>> 947)
>> at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
>> ve.java:118)
>> at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
>> a:408)
>> at
>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
>> 11Processor.java:1009)
>> at
>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
>> AbstractProtocol.java:589)
>> at
>> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
>> t.java:312)
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
>> utor.java:886)
>> at
>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
>> .java:908)
>> at java.lang.Thread.run(Thread.java:619)
>>
>>
>>
>>
>> On Mon, Jun 23, 2014 at 1:35 PM, Jehan <jeehaaan at gmail.com> wrote:
>>
>>> Everything works fine,
>>>
>>> but following error log is generating when creating new user or
>>> updating existing user
>>>
>>>
>>>
>>> Jun 23, 2014 2:32:08 PM org.apache.catalina.loader.WebappClassLoader
>>> loadClass
>>> INFO: Illegal access: this web application instance has been stopped
>>> already. C
>>> ould not load org.sakaiproject.sitestats.impl.ServerStatImpl. The
>>> eventual foll
>>> owing stack trace is caused by an error thrown for debugging purposes as
>>> well as
>>> to attempt to terminate the thread which caused the illegal access, and
>>> has no
>>> functional impact.
>>> java.lang.IllegalStateException
>>> at
>>> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoa
>>> der.java:1599)
>>> at
>>> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoa
>>> der.java:1558)
>>> at
>>> org.hibernate.util.ReflectHelper.classForName(ReflectHelper.java:164)
>>>
>>> at
>>> org.hibernate.impl.SessionFactoryImpl.getImplementors(SessionFactoryI
>>> mpl.java:730)
>>> at org.hibernate.impl.SessionImpl.list(SessionImpl.java:1544)
>>> at org.hibernate.impl.CriteriaImpl.list(CriteriaImpl.java:283)
>>> at
>>> org.hibernate.impl.CriteriaImpl.uniqueResult(CriteriaImpl.java:305)
>>> at
>>> org.sakaiproject.sitestats.impl.StatsUpdateManagerImpl.doUpdateServer
>>> StatObjects(StatsUpdateManagerImpl.java:1157)
>>> at
>>> org.sakaiproject.sitestats.impl.StatsUpdateManagerImpl.access$1400(St
>>> atsUpdateManagerImpl.java:76)
>>> at
>>> org.sakaiproject.sitestats.impl.StatsUpdateManagerImpl$4.doInHibernat
>>> e(StatsUpdateManagerImpl.java:878)
>>> at
>>> org.springframework.orm.hibernate3.HibernateTemplate.doExecute(Hibern
>>> ateTemplate.java:419)
>>> at
>>> org.springframework.orm.hibernate3.HibernateTemplate.execute(Hibernat
>>> eTemplate.java:339)
>>> at
>>> org.sakaiproject.sitestats.impl.StatsUpdateManagerImpl.doUpdateConsol
>>> idatedEvents(StatsUpdateManagerImpl.java:805)
>>> at
>>> org.sakaiproject.sitestats.impl.StatsUpdateManagerImpl.run(StatsUpdat
>>> eManagerImpl.java:484)
>>> at java.lang.Thread.run(Thread.java:619)
>>>
>>>
>>>
>>> On Mon, Jun 23, 2014 at 1:04 PM, Jehan <jeehaaan at gmail.com> wrote:
>>>
>>>> Thanks! problem resolved, it was realm entry missing.
>>>>
>>>>
>>>>
>>>> On Mon, Jun 23, 2014 at 10:24 AM, Jehan <jeehaaan at gmail.com> wrote:
>>>>
>>>>> Dear Metthew Jhones!
>>>>>
>>>>> Yes! I want to create new tool for some users who will create new user
>>>>> accounts only.
>>>>>
>>>>> Yes! I am using UserDirectoryService.
>>>>>
>>>>> New tool is added to a project site, and that user i.g., "DAVID" is
>>>>> added with maintain role.
>>>>>
>>>>>
>>>>> When "DAVID" attempt to create new user then face
>>>>> permission/security exception. I don't want to give access of !admin
>>>>> (Administrator Workspace) to that user.
>>>>>
>>>>> How to resolve permission exception.
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Jun 23, 2014 at 8:50 AM, Steve Swinsburg <
>>>>> steve.swinsburg at gmail.com> wrote:
>>>>>
>>>>>> As others have suggested, use the api.
>>>>>>
>>>>>> Rule of thumb: unless your tool owns the database tables, dont touch
>>>>>> them with SQL.
>>>>>>
>>>>>> You can wrap the api calls with session escalation if required. Know
>>>>>> what you are doing before you do that though, and how to cleanup.
>>>>>>
>>>>>> Cheers
>>>>>> Steve
>>>>>>
>>>>>> sent from my mobile device
>>>>>> On 21/06/2014 3:09 PM, "Jehan" <jeehaaan at gmail.com> wrote:
>>>>>>
>>>>>>> Dear Johan
>>>>>>>
>>>>>>> I want to create a new tool for user creation and password
>>>>>>> resetting, that tool permission will be given to an academic assistant, who
>>>>>>> will be able to change password and create new user of his department
>>>>>>> only, we cannot give him admin rights/realm, and without admin rights
>>>>>>> webservices gives permission exception while creating new user.
>>>>>>>
>>>>>>> Can you help.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Jun 20, 2014 at 8:06 PM, John Bush <jbush at anisakai.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> yes but I think it would be several sql calls, but its the wrong way
>>>>>>>> to do it, so I'm not going to give you any details to shoot
>>>>>>>> yourself
>>>>>>>> in the foot with.
>>>>>>>>
>>>>>>>> On Fri, Jun 20, 2014 at 3:06 AM, Jehan <jeehaaan at gmail.com> wrote:
>>>>>>>> > Dear All
>>>>>>>> >
>>>>>>>> >
>>>>>>>> > Is it possible to create new user using Sql Query instead of using
>>>>>>>> > web-service call.
>>>>>>>> >
>>>>>>>> > Thanks
>>>>>>>> >
>>>>>>>> > _______________________________________________
>>>>>>>> > sakai-dev mailing list
>>>>>>>> > sakai-dev at collab.sakaiproject.org
>>>>>>>> > http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>>>>>> >
>>>>>>>> > TO UNSUBSCRIBE: send email to
>>>>>>>> sakai-dev-unsubscribe at collab.sakaiproject.org
>>>>>>>> > with a subject of "unsubscribe"
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> John Bush
>>>>>>>> 602-490-0470
>>>>>>>>
>>>>>>>> ** This message is neither private nor confidential in fact the US
>>>>>>>> government is storing it in a warehouse located in Utah for future
>>>>>>>> data mining use cases should they arise. **
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> sakai-dev mailing list
>>>>>>> sakai-dev at collab.sakaiproject.org
>>>>>>> http://collab.sakaiproject.org/mailman/listinfo/sakai-dev
>>>>>>>
>>>>>>> TO UNSUBSCRIBE: send email to
>>>>>>> sakai-dev-unsubscribe at collab.sakaiproject.org with a subject of
>>>>>>> "unsubscribe"
>>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://collab.sakaiproject.org/pipermail/sakai-dev/attachments/20140624/6fc41a9b/attachment.html
More information about the sakai-dev
mailing list