RTI_CREATE_USER_DETAILS function for OpenInsight 10.0.5 and above.
OpenInsight 10 provides support for login policies including locking out of users after a definable number of unsuccessful attempts, password construction requirements, etc. Sensitive data for policy and user information is stored in AES encrypted records. Policies and users are maintained via the OpenInsight 10 IDE.
OpenInsight 10.0.5 and above introduces a new function called RTI_CREATE_USER_DETAILS that allows developers the ability to create a new user or modify information about an existing user in the OpenInsight database.
Description: Creates a new user or modifies information about an existing user in the current database.
Note: Only Level 1 (Administrator) and Level 2 (System Administrator) users can create users. Level 0 (User) users can only change their own, existing information.
Syntax: RTI_CREATE_USER_DETAILS(userID, currentPwd, userpassword, fullName, validValue, disabledFlag, disabledDate, disabledTime, resetFlag, userType, userLevel, o4wLevel, expirval, expirdate, errDetails)
Return: “1” if the create or edit succeeded
Value: “” or “0” if the create or edit failed, and additional details are returned in the errDetails parameter.
Parameters: The function has the following parameters.
|userID||A user identifier. userID must begin with an alpha character, followed by any combination of characters, digits, and underscores and cannot include spaces.|
|currentPwd||If enhanced authentication is enabled on this OpenInsight system, then a User-level user who wishes to change any user information must pass in the current password in this parameter. This allows the system to verify that they are authorised to make changes to this user information.|
|userpassword||The new password for this user. If enhanced authentication is enabled, then the password must match the specified authentication policy. If legacy authentication is used instead, the password must be a string of characters, 6 to 20 characters in length, and – if not specified – the default is null, and a password is not required to access the database as this user.|
|fullName||The full name of the user.|
|validValue||This is a user-defined parameter that allows the developer to specify additional information that they would like returned if the user’s logged-in state is queried (for example, to implement additional permission levels and groups). By default, this value is “1”.|
|disabledFlag||If enhanced authentication is enabled on this OpenInsight system, then if set (value is “1”), the user will be disabled; if it is reset (value is “0”), the user will no longer be disabled. If the user is disabled, pass in the additional disabledDate and disabledTime parameters.|
|disabledDate||If enhanced authentication is enabled on this OpenInsight system, and the disabledFlag has been set, this parameter specifies the internal date that the user is disabled until.|
|disabledTime||If enhanced authentication is enabled on this OpenInsight system, and the disabledFlag has been set, this parameter specifies the internal time that the user is disabled until.|
|resetFlag||If this parameter is set (“1”), the user must reset their password at the next login.|
|userType||If this user should only be allowed to access the OpenInsight desktop interface, specify “0” for this parameter. If this user should only be allowed to access OpenInsight via O4W, specify “1” for this parameter. If the user should be able to access both desktop and O4W instances, specify “2” for this parameter.|
|Userlevel||If the user is defined as an OI user, or as both an OI and O4W user, specify the OI permissions level here. There are three levels of users. When the user is logged in, the value is stored in the system variable @ADMIN.
There is no default value for Userlevel. If you do not specify a value, execution fails, and an error is generated.
|o4wLevel||If the user is defined as an O4W user, or both an O4W and OI user, specify the O4W permissions level here. The valid values for O4W permission groups are customisable on a per-site basis.|
|expirval||Expiration parameter for the password. Possible values are:|
|0||Expires at next login|
|1||Never Expires (default)|
|2||Expires at the expiry date|
|expirdate||If expirval = 2, the expiration date (passed as a standard output converted date in a format such as mm/dd/yyyy). Only required if expirval = 2. Note that this value is only relevant when legacy authentication is used on the OpenInsight system; if enhanced authentication is enabled, expiration will be as per policy.|
|errDetails||If any errors are encountered during the execution of this function, they are returned in this parameter.|