This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

Create user by code
#1
Hello,

I know that user info is stored in /etc/config/httpd.

How can I create new user for http-Auth by lua-code?
It is some API for that?


Thank you
Reply
#2
You cannot create users this way. Normal users are stored in the main database. The only way for now is to use http requests to local web server, the same way as UI does it. The only thing that can be complex if you need ACL instead of full or no access to visualization, trends and schedulers.
Reply
#3
Ok, thanks.

It is any documentation about access to main database?
Reply
#4
This cannot be done with DB access. Here's an example of HTTP request which creates a new user. Change admin password in socket.http.request call.

Code:
require('json')
require('socket.http')
require('socket.url')

data = {
  name = 'test', -- full name
  login = 'testtest', -- login
  password = '123456', -- password
  password_repeat = '123456', -- must match password
  access_vis = 'F', -- full access to visualization
  access_schedulers = '', -- no access to schedulers
  access_trends = 'F', -- full access to trends
}

post = 'data=' .. socket.url.escape(json.encode(data))
res, err = socket.http.request('http://admin:admin@127.0.0.1/scada-main/users/save', post)
log(res, err)
Reply
#5
Good, use this script and it worked without any problem. But in my case, if I have created the users and the pages that can be displayed, but I need to change the passwords of these users, by code and with the help of a 250 byte input object String the password is modified or it is random , if the above could be?
Reply
#6
If you want to edit an existing user then you need to pass user ID in data table:
Code:
data = {
  id = 123,
  name = 'test',
  ...

You can get user IDs via a script:
Code:
users = db:getall('SELECT id, login FROM users')
log(users)
Reply
#7
Admin, thanks for answering. Request the user ID and with this help, I could change the password of the user, the inconvenience is that I only want to change your password, but I want to keep the pages that user could see. Try to create the user previously, giving permission to certain pages, then executing the code but in the access_vis = part change it to 'P'. When observing that he executed the code correctly, I verify the user Access and I notice that the pages that I had enabled for that user are disabled.
Reply
#8
Hi,

This is never possible without a reload as the browser is not aware of the changes made in the DB that runs server side.

Only with a reload the client (browser) will receive the updated information..

BR,

Erwin
Reply
#9
Hello, thanks for answering. As you can see in the video (link https://mega.nz/#!E8wj2AIY!d7sbLTXKBLWSI...SzwQGl7p4E) I reload the page, but it continues disabling the pages that I had previously enabled. Thank you and I will be attentive to your comments. Taking advantage of this thread, I would like to know if there is a manual where one can have information to all this part of the database, because in the manual of the logic machine lite 5, nothing of these internal operations appears (access to the base of data and others).
Reply
#10
For partial access you have to also pass IDs for items that use has access to. If you only need to change the password then it can be done via a .lp script. I'll post an example later.

Internal functions are not documented because they are internal Smile
Reply
#11
Ready, I'm attentive to your answers. On the other hand, apart from just changing the password but keeping the pages that the user has access to see, it would be very interesting to know how to modify which pages the user can see and which ones not through the script. Thank you.
Reply


Forum Jump: