User Management

  • concept
    +
    The SDK lets you programmatically create users, assign them roles and associated privileges, and remove them from the system.

    This is an overview of the user management API’s capabilities.

    Creating a User

    The syntax required for creating a user varies according to language, and is covered for each SDK in the management documentation. The basic form is as follows:

    boolean upsertUser (String userid, UserSettings settings)

    The method upsertUser creates a user and adds the user to the Couchbase Cluster. The user will subsequently be visible in the Security panel of the Couchbase Web Console. Note that successful user-addition results in a user locally defined, with username and password stored on Couchbase Server: external users (whose credentials reside on a network-available server, possibly accessed by means of LDAP) should not be created by this SDK method. If the local user created by upsertUser already exists, the previous definition is overwritten.

    The method takes two arguments. The first, a String is the user ID of the user to be created: for example, johnsmith0325, or user734. This must be specified.

    The second is a UserSettings object. This takes the following form:

    UserSettings {
        String password;
        String name;
        Role[] roles;
    }

    The object contains three data-members. The first is a String that specifies the user’s password: this must be provided. The second is a String that specifies the user’s name (for example, John Smith): this is optional, and so may be omitted. The third is an array of Role objects: this must be specified. Each Role object takes the following form:

    Role {
        String role;
        String bucket_name;
    }

    The object’s two data-members are both Strings, and must both be specified. The String specified as the role must correspond to a role supported by Couchbase Server. The String specified as the bucket_name must either correspond to a bucket currently defined on Couchbase Server; or be the asterisk character (*), meaning all buckets.

    The method returns a boolean, which is true if the operation is successful, otherwise false.

    Listing Users

    The basic form of the method used to return currently defined users is as follows:

    List<User> getUsers()

    The method returns a list of User objects, each of which takes the following form:

    User {
        String name;
        String id;
        String domain;
        Role[] roles;
    }

    The name is the full name of the user. The id is the user’s ID. The domain is either local or external. Each Role object in the Role-array has the form already described above, in Creating a User.

    Getting a User

    The basic form of the method used to return an already defined user is as follows:

    User getUser (String userid)

    The method returns a User object, which takes the following form:

    User {
        String name;
        String id;
        String domain;
        Role[] roles;
    }

    The name is the full name of the user. The id is the user’s ID. The domain is either local or external. Each Role object in the Role-array has the form described above, in Creating a User.

    Removing a User

    The basic form of the method used to remove users is as follows:

    boolean removeUser (String userid)

    The method’s sole argument is the id of the user to be removed from the system, specified as a String. The method returns a boolean, whose value is true if the operation is successful, otherwise false.