Expand my Community achievements bar.

Dive into Adobe Summit 2024! Explore curated list of AEM sessions & labs, register, connect with experts, ask questions, engage, and share insights. Don't miss the excitement.

UserManagement / Authorization API: Create role => Missing role id in database

Avatar

Level 1

Hello all,

As part of LiveCycle evaluation, I am trying to create roles automatically via the API. On the first invocation, the role gets created. For subsequent runs, I want to check that the role does not exist prior to creating it and thus I use the findRoles() api with a RoleSearchFilter: 

   RoleSearchFilter rsf = new RoleSearchFilter();

   // rsf.setMatchExactCriteria(false);

   rsf.setRoleId(roleName);

   // rsf.setRoleName(roleName);

   // rsf.setRoleType(RoleSearchFilter.ROLE_TYPE_ALL);

   // rsf.setResultsMax(1000);

   List<RoleImpl> foundRoles = amClient.findRoles(rsf); // amClient = AuthorizationManagerServiceClient instance

But the filter run never returns anything. Also, I have to force the roleId criteria otherwise LiveCycle complains: 'key must not be null'. Inspecting the database (EDCPRINCIPALENTITY table), I see that the created role has a null value for the canonical_name field (which apparently maps the role id in the principal's table).

If I update this field for testing, then the filter works.

So now: What can I do to fix this ? I would like to forcefully update the created role by setting the canonical name (via the principal api) but there's no such "update" API.

Any idea?  The issue is that any call to role / permissions lookup APIs fails (I guess because of not finding the role in the first place). For example: amClient.getAllRolePermissions(roleId)

Regards,

Using: LiveCycle ES4 - Version: 11.0.0, GM Service Pack Version: N/A Patch Version: N/A

1 Reply

Avatar

Employee Advisor

I'm able to get all the roles using below code :

RoleSearchFilter rsf = new RoleSearchFilter();

rsf.setRoleType(RoleSearchFilter.ROLE_TYPE_ALL);

rsf.setResultsMax(1000);

List roleList = amClient.findRoles(rsf);
Iterator rit = roleList.iterator();
String roleId1 = "";
while(rit.hasNext())
{
// Obtain the role identifier
roleId1 = ((Role)rit.next()).getId();

System.out.println("Role Found  " + (roleId1));

}

Output :

Role Found  BASIC_ROLE_ADMIN_CONSOLE

Role Found  BASIC_ROLE_APPLICATION_ADMINISTRATOR

Role Found  BASIC_ROLE_DOCUMENT_SERVICES_ADMINISTRATOR

Role Found  Document Upload Application Users

Role Found  AdobeFormsAdmin

Role Found  WF.PROCESS.ADMIN

Role Found  WF.PROCESS.DEV

Role Found  AdobeWorkspaceAdmin

Role Found  AdobeWorkspaceUser

Role Found  AdobeOutputAdmin

Role Found  PDFG_ROLE_ADMIN

Role Found  PDFG_ROLE_USER

Role Found  BASIC_ROLE_PROCESS_ADMIN

Role Found  ROLE_READER_EXTENSIONS_WEB_APPLICATION

Role Found  BASIC_ROLE_RESOURCE_ADMIN

Role Found  RIGHTS_MANAGEMENT_ADMINISTRATOR

Role Found  RIGHTS_MANAGEMENT_ENDUSER_CONSOLE

Role Found  RIGHTS_MANAGEMENT_INVITE_EXTERNAL_USER

Role Found  RIGHTS_MANAGEMENT_MANAGE_INVITED_AND_LOCAL_USERS

Role Found  RIGHTS_MANAGEMENT_POLICYSET_ADMINISTRATOR

Role Found  RIGHTS_MANAGEMENT_SUPERADMIN

Role Found  BASIC_ROLE_SECURITY_ADMINISTRATOR

Role Found  BASIC_ROLE_ADOBE_SERVICES_USER

Role Found  BASIC_ROLE_ADMINISTRATOR

Role Found  TestRole

Role Found  BASIC_ROLE_TRUST_ADMINISTRATOR

Could you please tell me how you are creating roles using API, to completely test your scenerio ?

Thanks,

Wasil