Creates a new regular user. Current user's UST must belong to a super-user.
create_user(self, cid, data, current_ust, current_app, remote_addr)
cid: Correlation ID used by audit logdata: A dictionary of key/values to create a new user from. On output, the dictionary will be enriched with defaults assigned during the creation process.current_ust: Current user's USTcurrent_app: Name of application the current user is issuing the call fromremote_addr: User's remote addressReturns: None - the input 'data' dictionary is modified in placeKeys accepted by the 'data' dictionary:
| Key | Optional | Default | Notes |
|---|---|---|---|
| username | --- | --- | Must be unique among all users |
| password | Yes | 192 bits | If not given, a random string of 192 bits will be assigned |
| password_must_change | Yes | False | Is the user required to change the password before they log in |
| display_name | Yes | --- | Display name |
| first_name | Yes | --- | First name |
| middle_name | Yes | --- | Middle name |
| last_name | Yes | --- | Last name |
| Yes | --- | User's email | |
| is_locked | Yes | --- | Should the account be locked upon creation, i.e. logging in will not be possible |
| sign_up_status | Yes | final | User's initial signup status, by default it is 'final' meaning the user is fully signed up |
| is_totp_enabled | Yes | False | Should TOTP-based two factor authentication be enabled for user |
| totp_key | Yes | Auto-generated | User's TOTP key, one will be auto-generated for user if it is not given on input, even if is_totp_enabled is False |
| totp_label | Yes | <default-label> | An arbitrary label assigned to user's TOTP key for convenience |
# -*- coding: utf-8 -*-
# Zato
from zato.server.service import Service
class CreateUser(Service):
def handle(self):
# Request metadata
current_ust = 'gAAAAABalo6MX7z62Pyo416OFfDJ-4MuTMmSpIqAmvOXWckG...'
current_app = 'CRM'
remote_addr = '127.0.0.1'
# Creation data
data = {
'username': 'user1',
'password': '<password>',
'password_must_change': True,
'display_name': 'My User'
}
# Create user
self.sso.user.create_user(self.cid, data, current_ust, current_app, remote_addr)
# The input dictionary will have been updated in place
self.logger.info(data)
INFO {
'display_name': 'My User',
'is_active': True,
'is_internal': False,
'is_super_user': True,
'is_approval_needed': True,
'approval_status': 'before_decision',
'approval_status_mod_by': 'zusr3qnafn39208krbt0vt2nypx2ta',
'approval_status_mod_time': datetime.datetime(2022, 2, 28, 11, 33, 13, 359733),
'is_locked': False,
'password_expiry': datetime.datetime(2031, 2, 28, 11, 33, 13, 359733),
'password_must_change': True,
'password_last_set': datetime.datetime(2031, 2, 28, 11, 33, 13, 359733),
'sign_up_time': datetime.datetime(2031, 2, 28, 11, 33, 13, 359733),
'sign_up_status': 'final',
'username': 'user1',
'user_id': 'zusr1e2xwnk9p89ty8y0skcpy795c9'
}