| | 298 | * StringValue - a string containing the element's value |
| | 299 | * '''Return Values:''' |
| | 300 | * The userid actually created |
| | 301 | |
| | 302 | Note that all non-optional fields must be provided, so this is best preceeded by a call to getProfileDescription to learn the fields. |
| | 303 | |
| | 304 | A base userid is constructed, either from the userid presented or from a required field in the profile. If that base userid is available, that a user with that userid is created. Otherwise the userid is disambiguated until there are no collisions. The userid actually created is returned. |
| | 305 | |
| | 306 | The user is created without membership in any projects and without a password. A password reset challenge (equivalent to one issued by requestPasswordReset) is issued and the challenge e-mailed to the user at the address in the profile. |
| | 307 | |
| | 308 | Administrators can create users without the confirmation step: |
| | 309 | |
| | 310 | * '''Service:''' Users |
| | 311 | * '''Operation:''' createUserNoConfirm |
| | 312 | * '''Input Parameters:''' |
| | 313 | * Userid - the requested userid (optional) |
| | 314 | * A list of profile elements each containing |
| | 315 | * Name - a string, the element's name |
| | 397 | === Changing Project Membership === |
| | 398 | |
| | 399 | Each of these changes propagates to the linked circle that controls resource permissions for the project. In particular, the permissions fields should include the union of the project and circle rights to set |
| | 400 | |
| | 401 | With appropriate rights a user can add another user to a project they are in. |
| | 402 | The user being added must confirm this addition (below). As a result of this call, users being added will be sent a notification including a challenge id to respond to, similar to a password change URL. The prefix for that URL can be passed in here. |
| | 403 | |
| | 404 | * '''Service:''' Projects |
| | 405 | * '''Operation:''' addUser |
| | 406 | * '''Input Parameters:''' |
| | 407 | * ProjectID - the project |
| | 408 | * Uids - the userids to add |
| | 409 | * Perms - the permissions to grant the user in this project. The values are given here. |
| | 410 | * urlPrefix - a prefix to direct the user to a specific web interface to respond to the challenge. |
| | 411 | * '''Return Values:''' |
| | 412 | * A list of results of the form |
| | 413 | * Name - the uid being added |
| | 414 | * Success - a flag indicating success or failure |
| | 415 | * Reason - the reason for a failure |
| | 416 | |
| | 417 | For each user successfully added, a notification is sent. To respond to that notification the UI must call: |
| | 418 | |
| | 419 | * '''Service:''' Projects |
| | 420 | * '''Operation:''' addUserConfirm |
| | 421 | * '''Input Parameters:''' |
| | 422 | * ChallengeID - the challenge being responded to |
| | 423 | * '''Return Values:''' |
| | 424 | * true if the user was subsequently added. A fault is thrown on errors. |
| | 425 | |
| | 426 | Users can also request to join a project. This requires some member of the project with ADD_USER rights to agree, so a notification is sent to all such users. |
| | 427 | |
| | 428 | * '''Service:''' Projects |
| | 429 | * '''Operation:''' JoinProject |
| | 430 | * '''Input Parameters:''' |
| | 431 | * Uid - the uid to add |
| | 432 | * ProjectID - the project to join |
| | 433 | * urlPrefix - a prefix to direct the user to a specific web interface to respond to the challenge. |
| | 434 | * '''Return Values:''' |
| | 435 | * None |
| | 436 | |
| | 437 | The join succeeds when a user with appropriate permissions calls joinProjectConfirm. |
| | 438 | Note that the user calling joinProjectConfirm sets the new user's project permissions. |
| | 439 | |
| | 440 | * '''Service:''' Projects |
| | 441 | * '''Operation:''' addUserConfirm |
| | 442 | * '''Input Parameters:''' |
| | 443 | * ChallengeID - the challenge being responded to |
| | 444 | * Perms - the permissions to grant the user in this project. The values are given here. |
| | 445 | * '''Return Values:''' |
| | 446 | * true if the user was subsequently added. A fault is thrown on errors. |
| | 447 | |
| | 448 | |
| | 449 | Users can be removed from projects: |
| | 450 | |
| | 451 | * '''Service:''' Projects |
| | 452 | * '''Operation:''' removeUsers |
| | 453 | * '''Input Parameters:''' |
| | 454 | * ProjectName - the project to change |
| | 455 | * Uids - uids to remove |
| | 456 | * '''Return Values:''' |
| | 457 | * A list of results of the form |
| | 458 | * Name - the uid being added |
| | 459 | * Success - a flag indicating success or failure |
| | 460 | * Reason - the reason for a failure |
| | 461 | |
| | 462 | If a user has the right to both add and remove a user, that user can change a user's permissions: |
| | 463 | |
| | 464 | * '''Service:''' Projects |
| | 465 | * '''Operation:''' changePermissions |
| | 466 | * '''Input Parameters:''' |
| | 467 | * ProjectName - the project to change |
| | 468 | * Uids - the uids to manipulate |
| | 469 | * Rights - a 32-bit integer encoding the user's rights (each a flag) |
| | 470 | * '''Return Values:''' |
| | 471 | * A list of results of the form |
| | 472 | * Name - the uid being added |
| | 473 | * Success - a flag indicating success or failure |
| | 474 | * Reason - the reason for a failure |
| | 475 | |
| 372 | | |
| 373 | | With appropriate rights a user can add another user to a project they are in: |
| 374 | | |
| 375 | | * '''Service:''' Projects |
| 376 | | * '''Operation:''' addUser |
| 377 | | * '''Input Parameters:''' |
| 378 | | * Userid - the requester's userid |
| 379 | | * ProjectName - the project to change |
| 380 | | * NewUser - the uid to add to the group |
| 381 | | * '''Return Values:''' |
| 382 | | * None |
| 383 | | |
| 384 | | If this fails, a fault is sent. A call to {{{viewProjects}}} will confirm the change. |
| 385 | | |
| 386 | | Similarly, a user can be removed: |
| 387 | | |
| 388 | | * '''Service:''' Projects |
| 389 | | * '''Operation:''' removeUser |
| 390 | | * '''Input Parameters:''' |
| 391 | | * Userid - the requester's userid |
| 392 | | * ProjectName - the project to change |
| 393 | | * RemoveUser - the uid to remove from the group |
| 394 | | * '''Return Values:''' |
| 395 | | * None |
| 396 | | |
| 397 | | If a user has the right to both add and remove a user, that user can change a user's permissions: |
| 398 | | |
| 399 | | * '''Service:''' Projects |
| 400 | | * '''Operation:''' changePermissions |
| 401 | | * '''Input Parameters:''' |
| 402 | | * Userid - the requester's userid |
| 403 | | * ProjectName - the project to change |
| 404 | | * TargetUser - the uid to manipulate |
| 405 | | * Rights - a 32-bit integer encoding the user's rights (each a flag) |
| 406 | | * ADD_USER - right to add a user to this group |
| 407 | | * REMOVE_USER - right to remove a user from this group |
| 408 | | * REALIZE_EXPERIMENT - the right to realize an experiment under this group |
| 409 | | * '''Return Values:''' |
| 410 | | * None |
| 423 | | A user may request to join an existing project. Note that the user need not be able to view or manipulate the project to make a request. The request will send a notification to users in the target group that can add users. |
| 424 | | |
| 425 | | * '''Service:''' Projects |
| 426 | | * '''Operation:''' requestJoin |
| 427 | | * '''Input Parameters:''' |
| 428 | | * Userid - the requester's userid |
| 429 | | * ProjectName - the project to join |
| 430 | | * '''Return Values:''' |
| 431 | | * None |
| 432 | | |
| 433 | | === Creating and Deleting Projects === |
| 434 | | |
| 435 | | Non-vetting projects can be created and deleted with little overhead: |
| 436 | | |
| 437 | | * '''Service:''' Projects |
| 438 | | * '''Operation:''' createProject |
| 439 | | * '''Input Parameters:''' |
| 440 | | * Userid - the requester's userid |
| 441 | | * Name - the new project's name |
| 442 | | * '''Return Values:''' |
| 443 | | * None |
| 444 | | |
| 445 | | On success the new project is created with the calling user as owner and sole member. The user has all rights. |
| 446 | | |
| 447 | | * '''Service:''' Projects |
| 448 | | * '''Operation:''' removeProject |
| 449 | | * '''Input Parameters:''' |
| 450 | | * Userid - the requester's userid |
| 451 | | * Name - the new project's name |
| 452 | | * '''Return Values:''' |
| 453 | | * None |
| 454 | | |
| 455 | | Generally an owner can remove a project, but removing a vetting project requires a testbed administrator. |
| 456 | | |
| 457 | | Because creating a vetting project may require review, it is more involved. First the user retrieves the testbed's schema for information to supply: |
| 458 | | |
| 459 | | * '''Service:''' Projects |
| 460 | | * '''Operation:''' getVettingRequirements |
| 461 | | * '''Input Parameters:''' |
| 462 | | * '''Return Values:''' |
| 463 | | * A list of requirements elements each containing |
| | 489 | === Project Profiles === |
| | 490 | |
| | 491 | The calls for manipulating a project profile are very similar to user profiles: |
| | 492 | |
| | 493 | To get a profile schema, for example to create an empty web page, |
| | 494 | |
| | 495 | * '''Service:''' Projects |
| | 496 | * '''Operation:''' getProfileDescription |
| | 497 | * '''Input Parameters:''' |
| | 498 | * '''Return Values:''' |
| | 499 | * Projectid - always empty |
| | 500 | * A list of profile elements each containing |
| 474 | | |
| 475 | | A web interface will gather this interface and call: |
| 476 | | |
| 477 | | * '''Service:''' Projects |
| 478 | | * '''Operation:''' createVettingProject |
| | 515 | * Format - a regular expression that can be used to validate the field entry (may be null, and generally is for optional fields) |
| | 516 | * FormatDescription - A brief, natural language description of the field input constraints, e.g. "A valid e-mail address" or "only numbers and spaces". |
| | 517 | * OrderingHint - an integer suggesting where to present the attribute. Lower numbers come first |
| | 518 | * LengthHint - an integer suggesting how long an input firld should be presented |
| | 519 | |
| | 520 | To read a project's profile. |
| | 521 | |
| | 522 | * '''Service:''' Projects |
| | 523 | * '''Operation:''' getProjectProfile |
| | 524 | * '''Input Parameters:''' |
| | 525 | * userid - a string naming the user to be retrieved |
| | 526 | * '''Return Values:''' |
| | 527 | * Projectid - the user whose profile is returned |
| | 528 | * A list of profile elements each containing |
| | 529 | * Name - a string, the element's name |
| | 530 | * DataType - a string giving the element's |
| | 531 | * string |
| | 532 | * integer |
| | 533 | * double |
| | 534 | * binary/opaque |
| | 535 | * Value - a string containing the element's value |
| | 536 | * Access - a 32-bit integer describing the access values (values at [http://www.isi.edu/~faber/tmp/doc/net/deterlab/testbed/user/UserAttribute.html Attribute's javadoc]) |
| | 537 | * READ_WRITE |
| | 538 | * READ_ONLY |
| | 539 | * WRITE_ONLY (e.g., password) |
| | 540 | * Optional - a flag true if the field is optional (must be present but may be empty) |
| | 541 | * Removable - a flag true if the field can be removed |
| | 542 | * Description - a string explaining the field |
| | 543 | * Format - a regular expression that can be used to validate the field entry (may be null, and generally is for optional fields) |
| | 544 | * FormatDescription - A brief, natural language description of the field input constraints, e.g. "A valid e-mail address" or "only numbers and spaces". |
| | 545 | * OrderingHint - an integer suggesting where to present the attribute. Lower numbers come first |
| | 546 | * LengthHint - an integer suggesting how long an input field should be presented |
| | 547 | |
| | 548 | Finally a user can modify a project profile: |
| | 549 | |
| | 550 | * '''Service:''' Projects |
| | 551 | * '''Operation:''' changeProjectProfile |
| | 552 | * '''Input Parameters:''' |
| | 553 | * ProjectId - the project's profile to modify |
| | 554 | * A list of change requests. Each request contains |
| | 555 | * Name - the name of the field to change |
| | 556 | * Value - the new value of the field |
| | 557 | * Delete - a flag, if true delete the field rather than modify it |
| | 558 | * '''Return Values:''' |
| | 559 | * A list of responses each containing |
| | 560 | * Name - astring with the name of the field |
| | 561 | * Success - a flag indicating if the request succeeded |
| | 562 | * Reason - a string indicating the reason if Success is false |
| | 563 | |
| | 564 | === Creating and Deleting Projects === |
| | 565 | |
| | 566 | Creating and removing projects are also similar to creating and removing users: |
| | 567 | |
| | 568 | * '''Service:''' Projects |
| | 569 | * '''Operation:''' createProject |
| | 570 | * '''Input Parameters:''' |
| | 571 | * ProjectId - the new project's name |
| | 572 | * Uid - the new owner's uid (usually the caller) |
| | 573 | * profile - a list of attributes that will make up the project's profile |
| | 574 | * A list of profile elements each containing |
| | 575 | * Name - a string, the element's name |
| | 576 | * StringValue - a string containing the element's value |
| | 577 | * '''Return Values:''' |
| | 578 | * None |
| | 579 | |
| | 580 | As with users, all required (non-optional) fields in the profile must be provided. The project will be created, but have no rights until approved. |
| | 581 | |
| | 582 | Approval is a result of the testbed's vetting process. The user will be sent a notification when their project is approved. When approved this call is made by an admin. |
| | 583 | |
| | 584 | * '''Service:''' Projects |
| | 585 | * '''Operation:''' approveProject |
| | 586 | * '''Input Parameters:''' |
| | 587 | * ProjectID - the project's name |
| | 588 | * approved - a boolean, the new approval state |
| | 589 | * '''Return Values:''' |
| | 590 | * None |
| | 591 | |
| | 592 | Note that this call can be used to un-approve a previously approved project. |
| | 593 | |
| | 594 | On success the new project is created with the calling user as owner and sole member. The user has all rights. |
| | 595 | |
| | 596 | * '''Service:''' Projects |
| | 597 | * '''Operation:''' removeProject |
| 481 | | * Name - a string containing the project name |
| 482 | | * A (possibly empty) list of vetting info fields requests. Each request contains |
| 483 | | * Name - the name of the field supplied |
| 484 | | * StringValue - the value of the field if this is not an opaque/binary field |
| 485 | | * BinaryValue - the value of the field if this is an opaque/binary field |
| 486 | | * '''Return Values:''' |
| 487 | | * None |
| 488 | | |
| 489 | | When this succeeds the data will be passed into the testbed's vetting process. The user will be notified out of band if the project was created. Behind the scenes the project is created by an admin using {{{createProject}}} and this call is made on it by the admin: |
| 490 | | |
| 491 | | * '''Service:''' Projects |
| 492 | | * '''Operation:''' makeProjectVetting |
| 493 | | * '''Input Parameters:''' |
| 494 | | * Userid - the requester's userid |
| 495 | | * Name - the project's name |
| 496 | | * '''Return Values:''' |
| 497 | | * None |
| 498 | | |
| 499 | | And then the admin adds the requesting user to the project makes them owner and removes themselves. |
| | 600 | * Name - the new project's name |
| | 601 | * '''Return Values:''' |
| | 602 | * None |
| | 603 | |
| | 604 | Generally an removing a project requires a testbed administrator. |
| | 605 | |
| | 606 | |
| | 607 | |
