AnsweredAssumed Answered

{Is now working} Has anyone successfully used PersonPersister to create a user account, set system role and password?

Question asked by LumHonPeng on Dec 6, 2016
Latest reply on Dec 9, 2016 by malcolm.murray

Hi,

 

It's embarrassing. It appears that I have missed something when trying to create a student account. I keep getting the following error message when i try to create a user, set GUEST system role, set password:

java.security.AccessControlException: access denied ("blackboard.data.AttributePermission" "user.authinfo" "set")

 

The use-case is to allow the instructor (on access) via course tools to create a guest student account - set the password & login id to display to the instructor for dissemination to their students. It needs to set the System Role to guest to restrict access only to content. This use-case facilitates a workaround for another issue that is more business / timing related (that is not easily changed).

 

Thank you for your replies. Managed to get it to work. It is embarrassing - my mistake - cause:

  1. After uploading the module, I did not perform a "services.appserver.restart" after installing the module
  2. Did not add <permission type="attribute" name="user.personalinfo" actions="get,set" /> - this did not show up until i restarted the application server.
  3. Using <permission type="attribute" name="*.*" actions="get,set" /> does not appear to work for the above - although i remember seeing some cases which use name="*"

 

Updated below is the final permissions list & code.

 

Regards,

Lum

bb-manifest.xml
{UPDATED} Updated to grant access to all tools, objects.

    <!-- code permissions required for proper operation -->

    <permissions>

        <permission type="blackboard.data.AttributePermission" name="sessionmanager" actions="get" />

        <permission type="attribute" name="user.authinfo" actions="get,set" />

        <permission type="attribute" name="user.personalinfo" actions="get,set" />

        <permission type="persist" name="user" actions="create,modify" />

        <permission type="persist" name="userrole" actions="create,modify,delete" />

        <permission type="persist" name="coursemembership" actions="create,modify,delete" />

        <permission type="persist" name="enrollment" actions="create,modify,delete" />

        <permission type="persist" name="enrollment.rowstatus" actions="create,modify,delete" />

        <permission type="java.io.FilePermission" name="${java.home}/lib/*" actions="read" />

        <permission type="java.io.FilePermission" name="BB_HOME/logs/-" actions="read,write" />

        <permission type="socket" name="*" actions="connect,resolve"/>

    </permissions>

 

Code Fragment
{UPDATED} Method for creating the guest account is as follows

 

 

protected boolean createGuestStudent(ServletContext application, HttpServletRequest request,

  Course currentCrs, String gsUserName, String gsPwd, StringBuffer errorSB, LogService LogManager)

{

  boolean isCreated = false;

  if (gsUserName==null){

  errorSB = errorSB.append("Unable to retrieve course ID to formulate guest student id.");

  return false;

  }

  if (gsPwd==null){

  errorSB = errorSB.append("Unable to generate password for guest student account.");

  return false;

  }

  if (currentCrs==null){

  errorSB = errorSB.append("Unable to retrieve current course information.");

  return false;

  }

 

  // ## Step 3 - get User ID & Password

  PersonLoader pLoader = null; //deprecated in 9.1 Q2 2016

  PersonPersister pSaver = null; //deprecated in 9.1 Q2 2016

  Person guestPerson = null;

  PortalRole pRole = null;

  PortalRoleDbLoader prLoader = null;

  DataSource dsk = null;

  DataSourceLoader dsLoader = null;

  String crsBatchUid = currentCrs.getBatchUid();

  // ## Step 3b - create user

  try{

  try{

  dsLoader = DataSourceLoader.Default.getInstance();

  dsk = dsLoader.loadByBatchUid("SYSTEM");

  }catch(Exception e2){

  dsk = null;

  if (LogManager!=null){

  LogManager.logError(myRefName+" Load SYSTEM Data Source Error: " + e2.getMessage());

  }

  }

  prLoader = PortalRoleDbLoader.Default.getInstance();

  try{

  pRole = prLoader.loadByRoleId("STUDENT");

 

  // #### Start - for debugging

  List<PortalRole> allPR = prLoader.loadAll();

  String prNameList = "";

  Iterator<PortalRole> debugPRIter = allPR!=null && !allPR.isEmpty()? allPR.iterator(): null;

  while(debugPRIter.hasNext()){

  PortalRole debugOnePR = debugPRIter.next();

  prNameList += debugOnePR.getRoleID() +"-"+ debugOnePR.getRoleName() +", ";

  }

  // #### End - for debugging

 

  }catch(Exception e2){

  pRole = null;

  if (LogManager!=null){

  LogManager.logError(myRefName+" Load STUDENT Portal Role by Role Id Error: " + e2.getMessage());

  }

  }

 

 

  // Create person object. Reference:

  // https://en-us.help.blackboard.com/Learn/9.1_Older_Versions/9.1_2014_and_2015/Administrator/070_Server_Management_and_Integrations/System_Integration/SIS/070_Command_Line_Tools/010_Snapshot_CL_Tool/Elements/User_Elements

  guestPerson = new Person();

  guestPerson.setBatchUid(gsUserName); // case sensitive?

  guestPerson.setUserName(gsUserName); // case insensitive

 

 

  guestPerson.setDepartment("Guest Student");

  guestPerson.setIsAvailable(true);

  if (dsk!=null) guestPerson.setDataSourceId(dsk.getId());

  // set STUDENT institution role

  if (pRole!=null){

  guestPerson.setPortalRoleId(pRole.getId());

  }else{

  if (LogManager!=null){

  LogManager.logError(myRefName+" Cannot find PortalRole(Student) for "+gsUserName);

  }

  guestPerson.setInstitutionRole(User.InstRole.STUDENT);

  }

  LogManager.logError(myRefName+" Portal Role: " + pRole);

 

 

 

  guestPerson.setGivenName("Guest Student of ");

  guestPerson.setFamilyName(crsBatchUid );

 

  // Ensure that account is enabled.

  try{

  guestPerson.setRowStatus(IAdminObject.RowStatus.ENABLED);

  }catch(Exception e2){

  if (LogManager!=null){

  LogManager.logError(myRefName+" Enable Status Error: " + e2.getMessage(), e2);

  }

  }

  guestPerson.validate();

  try{

  pSaver = PersonPersister.Default.getInstance();

  pSaver.save(guestPerson);

  isCreated = true;

  }catch(Exception e2){

  isCreated = false;

  if (LogManager!=null){

  LogManager.logError(myRefName+" Save Person Error: " + e2.getMessage(), e2);

  }

  }

 

  }catch(Exception e){

  guestPerson = null;

  isCreated = false;

  errorSB = errorSB.append("<li>Unable to create Guest Student account.</li>");

  if (LogManager!=null){

  LogManager.logError(myRefName+" Create Person Error. Person Id="+

  gsUserName +": "+e.getMessage(), e);

  }

 

 

  }

  if (guestPerson == null) return false;

  if (LogManager!=null){

  LogManager.logError(myRefName+" Created/Updated Person. Person Id="+

  gsUserName +", Pwd="+gsPwd);

  }

  UserDbLoader uLoader = null;

  UserDbPersister uSaver = null;

  User bbUser = null;

  try{

  uLoader = UserDbLoader.Default.getInstance();

  bbUser  = uLoader.loadByBatchUid(gsUserName);

  // ## Set password ##

  try{

  String hashedGsPwd = SecurityUtil.encodePassword(gsPwd);

  bbUser.setPassword(hashedGsPwd);

  }catch(Exception e2){

  if (LogManager!=null){

  LogManager.logError(myRefName+" Set Password Error: " + e2.getMessage());

  }

  }

  // ## set GUEST system role ##

  try{

  bbUser.setSystemRole(User.SystemRole.GUEST);

  }catch(Exception e2){

  if (LogManager!=null){

  LogManager.logError(myRefName+" Set System Role Error: " + e2.getMessage());

  }

  }

  // ## Save changes ##

  try{

  bbUser.validate();

  uSaver = UserDbPersister.Default.getInstance();

  uSaver.persist(bbUser);

  }catch(Exception e2){

  if (LogManager!=null){

  LogManager.logError(myRefName+" Save Person Error: " + e2.getMessage());

  }

  }

  }catch(Exception e){

  if (LogManager!=null){

  LogManager.logError(myRefName+" Load User Error: " + e.getMessage());

  }

  }

 

  String personBatchUid = guestPerson.getBatchUid();

  Id personId = guestPerson.getId(), crsId = currentCrs.getId();

  if (personBatchUid == null || crsBatchUid == null) return false;

 

 

  // ## Step 3c - ensure that user has membership to this course

  CourseMembership cEnroll = null;

  blackboard.persist.course.CourseMembershipDbLoader ceLoader = null;

  blackboard.persist.course.CourseMembershipDbPersister ceSaver = null;

 

 

  try{

  ceLoader = blackboard.persist.course.CourseMembershipDbLoader.Default.getInstance();

  cEnroll  = ceLoader.loadByCourseAndUserId(crsId, personId);

  }catch(Exception e){

  cEnroll = null;

  if (LogManager!=null){

  LogManager.logError(myRefName+" Load Enrolment Error. Course, Person BUID="+

  crsBatchUid+","+personBatchUid +": "+e.getMessage());

  }

 

 

  }

  if (cEnroll == null){

  cEnroll = new CourseMembership();

  cEnroll.setCourseId(crsId);

  cEnroll.setUserId(personId);

  cEnroll.setUser(guestPerson);

  }

  try{

  // create membership

  cEnroll.setIsAvailable(true);

// cEnroll.setRowStatus(IAdminObject.RowStatus.ENABLED);

  cEnroll.setRole(CourseMembership.Role.STUDENT);

  if (dsk!=null) cEnroll.setDataSourceId(dsk.getId());

  cEnroll.validate();

  // Save membership

  ceSaver = blackboard.persist.course.CourseMembershipDbPersister.Default.getInstance();

  ceSaver.persist(cEnroll);

  }catch(Exception e){

  cEnroll = null;

  isCreated = false;

  errorSB = errorSB.append("<li>Unable to enroll Guest Student ").append(gsUserName).append(" to this Course.</li>");

  if (LogManager!=null){

  LogManager.logError(myRefName+" Create Enrolment Error. Course, Person BUID="+

  crsBatchUid+","+personBatchUid +": "+e.getMessage(),e);

  }

  }

  return isCreated;

}// createGuestStudent

 

Message was edited by: Lum Hon Peng

Outcomes